Let's talk about open-source information.
The question ‘what is OSINT’ is on everybody’s lips. However, there's a world of data out there, and it’s not all OSINT - yet.
Before Open-Source Intelligence becomes intelligence, it’s something else: Open-Source Information. Think of OSINF as the raw materials of OSINT; that vast collection of data freely available to anyone, from news articles and social media posts to government reports and academic papers. OSINT, meanwhile, is the finished product; the result of analysing and interpreting this raw data. The transition from OSINT to OSINF is known as the ‘Intelligence Cycle’.
So, why does this distinction matter? Although the word ‘OSINT’ is often (mis)applied to unprocessed open-source data, understanding the difference between OSINT and OSINF is fundamental. Whether you're working in cybersecurity, business, journalism, or law enforcement, understanding the process of OSINF to OSINT will give you a big advantage on your OSINT journey.
OSINT: What is Open Source Intelligence?
What is OSINT? Let’s keep this short. Open Source Intelligence (OSINT) is the practice of collecting, analysing, and using publicly available information (a.k.a. OSINF, but more on that in a moment).
OSINT relies on open sources such as websites, social media, news outlets, and government reports to gather data that can inform decisions in sectors like security, journalism, and business. This is the most basic explanation: the term OSINT encompasses a much wider range of techniques, practices and methodologies.
To learn more about both the fundamentals and the spectrum of OSINT branches out there, check out our dedicated ‘What is OSINT?’ article.
OSINF: What is Open Source Information?
The raw materials for OSINT, Open Source Information (OSINF) encompasses all information that is accessible to the general public without restrictions, i.e. open-source. This means OSINT runs the gamut in terms of where it can be found. Open-Source Information can be sourced from a variety of places:
- Public Websites: Content that is freely accessible on the internet, including news articles, blogs, forums, and more.
- Government Publications: Official reports, white papers, and statistics released by government agencies.
- Academic Journals: Research papers and articles that are available through open access platforms.
- Social Media: Public posts, tweets, and comments that are accessible without special permissions.
- Media Reports: News shared through television, radio, and print media.
Don’t forget: OSINF, or Open Source Information, is distinct from OSINT, or Open Source Intelligence. OSINF refers only to raw, publicly available data without any analytical processing. Once a human interprets the data, the data becomes intelligence.
The Intelligence Cycle: How Does OSINF Become OSINT?
The transition from OSINF to OSINT is about transforming unfiltered open data into actionable intelligence. Analysts go through a certain process to turn their OSINF caterpillar into an OSINT butterfly; or their ingredients into a cake, if you’re hungry. This process is known as the Intelligence Cycle, and takes place in six parts.
Step One: Direction
All successful investigations begin with making a plan. At this stage, an OSINT analyst defines the data requirements for his or her investigation, figuring out which dataset they need to look for.
Especially in law enforcement, analysts may create an Intelligence Collection Plan, outlining potential OSINF data sources like websites, social media, forums, and public records. Here, an analyst will also plan extraction methods for OSINF, specifying which strategies or OSINT tools and platforms they’ll use during their investigation.
Step Two: Collection
Now an analyst gets to gathering OSINF, combing through various open sources like websites, social media, mapping tools, forums, articles and public records for that vital data.
For faster and more efficient data gathering, an analyst will find OSINT tools like OSINT Industries are ideal at this stage. OSINT Industries’ tool automates the collection of data from over 1000 modules simultaneously, providing a comprehensive OSINF dataset that is ready for further processing.
Step Three: Collation
At this stage, an analyst structures the gathered OSINF into organised formats such as databases or spreadsheets to keep things organized. Structure is essential to a successful investigation.
Automation tools like Maltego and IBM i2 Analyst's Notebook are examples of software that can assist in this step, visualising relationships between entities and helping to structure the data efficiently. These tools help make sure that raw data is ready for detailed analysis - to become OSINT!
Step Four: Evaluation
Once OSINF is collected, it must be evaluated to filter out irrelevant or duplicate information. Validation is also important to ensure the data's reliability, verifying the credibility of the sources to avoid misinformation, ‘false positives’ and wasted time. Some analysts will make use of grading systems like the 3x5x2 system to evaluate sources for trustworthiness and accuracy.
This step narrows down the OSINF dataset to only the most important and accurate information. If using real-time accuracy-guaranteed OSINT tools like OSINT Industries, this filtration may be conducted by the tool itself.
Step Five: Analysis
Analysts take over from computers to interpret findings from the structured data: detect patterns, observe threats and trends, and understand key relationships. This is where OSINF becomes OSINT, extracting actionable intelligence.
This step requires a human analyst, and cannot be automated. An OSINT analyst is able to understand the context and significance of the information. Connecting social media activity with real-world events can reveal important details about suspect behaviours or potential security threats - and only a human analyst can do it!
Step Six: Dissemination and Feedback
At the final stage, analysts will create a report on OSINT findings, and distribute this intelligence — via reports, briefings, maps and more — to relevant decision-makers like law enforcement, investigators, or executives. This is where humble OSINF data, having become OSINT, has an impact offline in the real world.
A real-world example of the impact of OSINF becoming OSINT is UK law enforcement’s investigation of social media posts (an OSINF staple) during the 2011 London riots. Analysts tracked the spread of misinformation, and the organisation of unrest on platforms like Twitter and Facebook. In 2024, police repeated these intelligence techniques to successfully combat rioting again in the UK.
Similarly, during the COVID-19 pandemic, OSINT analysts monitored social media platforms to track the spread of misinformation about the virus. By identifying patterns in false claims, public health organisations were able to launch targeted information campaigns to counteract the misinformation. This reduced public anxiety, and kept the public safe from harm - all by simply following the Intelligence Cycle.
Why is Distinguishing OSINT from OSINF Important?
The terms OSINT and OSINF are often (mis)used interchangeably. However, you don’t want to be mixing these up. Understanding the unique roles these concepts play makes sure that the information you gather leads to only informed, effective, and ethical decision-making.
Here’s why distinguishing OSINF from OSINT matters:
Enhancing Accuracy
OSINF is raw unrefined data collected from various public sources, so it can be misleading, contain inaccuracies or be incomplete. Once this data has been processed, analysed, and verified to become OSINT, it’s actionable intelligence that is reliable and relevant by definition. This makes distinction between the two especially important in high-stakes fields like counter-terrorism or criminal investigations.
Optimising Resource Allocation
Processing raw OSINF data into actionable intelligence requires time, expertise, and technology. By clearly differentiating between OSINF and OSINT, organisations can optimise resource allocation; prioritising the analysis and validation stages of the Intelligence Cycle, rather than expending resources on gathering excessive amounts of unprocessed information. Organisations won’t be overwhelmed by OSINF, but instead will focus on producing high-quality OSINT that can drive action and not just fill out a spreadsheet..
Supporting Legal and Ethical Standards
OSINT from OSINF supports legal and ethical standards. The process of converting OSINF into OSINT involves careful consideration of privacy, consent, and data protection laws like CCPA and GDPR. Organisations can avoid the pitfalls of using unauthorised or unreliable sources. This not only protects the organisation from legal repercussions but also helps maintain public trust, particularly in sectors where privacy and ethical considerations are important.
Streamlining Decision-Making
Finally, the distinction between OSINF and OSINT streamlines decision-making processes. OSINF is time-consuming to parse, and prone to misdirection. Meanwhile OSINT, processed and actionable, provides decision-makers with clear information that can be quickly understood and acted upon. This efficiency is needed in urgent situations, such as responding to emerging threats or seizing fleeting opportunities.
Open-Source Data: Is OSINF Useful On Its Own?
While OSINT focuses on turning OSINF data into useful findings for purposes like security or investigative journalism, OSINF is still widely used across different fields in its raw form. Sometimes OSINF is powerful enough on its own. Several of our Case Studies demonstrate how journalists can utilize OSINF data pre-analysis - as evidence, self-explanatory proof or more.
Néstor Espinosa Robledo, an investigative journalist in Colombia, uses OSINF to reveal corruption and humanitarian crises. Through publishing publicly accessible OSINF data, such as government contract records and social media activity, Nestor exposes corruption within the Colombian government. Read about his discoveries here and here.
Conclusion
To recap, OSINF is the raw data, and OSINT is the actionable intelligence derived from that raw data through careful analysis and processing. OSINF can be useful in its own right, but in order to conduct effective investigations, knowing the difference between Open-Source Information and Open-Source Intelligence is vitally important.
