FAQ
OSINT, is it legal?
Yes, OSINT (Open Source Intelligence) gathering is legal when information is obtained from publicly available sources. However, it's crucial to abide by the laws and regulations of the jurisdictions you're operating within. Ethical considerations are also essential, ensuring you're not infringing on privacy or engaging in illicit activities.
How can OSINT methods and tools help improve the security
of my organization?
OSINT tools and methods provide valuable insights by analyzing publicly available data and identifying potential security threats, vulnerabilities, or reputational risks. By monitoring online chatter, identifying data leaks, or understanding how your organization might appear to external eyes, you can proactively strengthen your security measures. In addition, this has a positive effect on the personnel selection process, as it facilitates the initial screening and allows you to check the candidate in more detail if he arouses interest or doubt, which in turn reduces the likelihood of reputational and other types of risks.
What is due diligence and why does my company need it?
Due diligence involves comprehensive research and analysis conducted before entering into agreements, partnerships, or investments to ensure informed decision-making. It helps mitigate risks by uncovering pertinent information about entities, individuals, or markets, safeguarding your company from potential legal, financial, or reputational damage.
What is the difference between due diligence, OSINT, and SOCMINT?
Due diligence is a broader investigative process encompassing various methods, including OSINT (publicly available information) and SOCMINT (Social Intelligence, focusing on social interactions and networks). OSINT involves extracting information from publicly accessible sources, while SOCMINT delves deeper into social relationships and behaviors.
What is operational security, and why is it important?
Operational security (OPSEC) involves safeguarding sensitive information by controlling disclosures that adversaries could exploit. It's crucial as it helps protect your organization's plans, capabilities, and activities from potential threats, ensuring confidentiality, integrity, and availability of sensitive data.
I want to investigate on my own. What tools can I use?
There are various OSINT tools available like search engines, social media analysis platforms, data mining tools, and specialized software for information gathering. Tools like Maltego, Hunchly, or Shodan can assist in collecting and analyzing data. At PPA we try to adhere to the statement that methodology is more than tools. Therefore, one of our areas of work is education.
How does an OSINT investigation occur, and what are its quality criteria?
An OSINT investigation involves identifying information needs, gathering relevant data from public sources, analyzing and verifying the gathered information, and producing actionable intelligence. Quality criteria include accuracy, reliability, relevance, and ethical handling of information throughout the investigation process. Validation from multiple sources further enhances its credibility.
What makes up pricing in the field of investigations, due diligence and OSINT?
-
Scope of Work: The complexity and depth of the investigation or due diligence process significantly impact pricing. A broader scope requiring extensive research, analysis, and validation of information tends to be priced higher.
-
Type of Information Required: The specificity and sensitivity of the information sought also affect pricing. Investigating financial records, legal history, or complex network analyses may incur higher costs due to the specialized expertise and resources needed.
-
Tools and Technology: The use of specialized tools, software, and technology for data collection, analysis, and validation can influence pricing. Licensed software, proprietary databases, or advanced analytical tools may increase costs.
-
Expertise and Experience: Rates often vary based on the expertise and experience of the professionals conducting the investigations. More seasoned investigators or specialists in niche areas might command higher fees.
-
Timeframe: Urgency plays a role in pricing. Expedited services or tight deadlines might incur additional costs due to the need for prioritization and dedicated resources.
-
Complexity of Sources: Accessing and analyzing information from diverse, complex, or less accessible sources could increase the overall cost due to the effort and resources required.
-
Risk and Legal Compliance: Compliance with legal regulations, risk assessment, and ensuring ethical practices can affect pricing. Higher-risk investigations might require additional safeguards, potentially impacting costs.
-
Deliverables and Reporting: The type and depth of the final report or deliverables expected by the client also influence pricing. Comprehensive reports or actionable intelligence may involve more resources and thus a higher price.
-
Geographical Factors: Investigations that involve international elements or require navigating various jurisdictions may impact pricing due to the complexity of accessing information and complying with different legal frameworks.
Understanding these factors helps both the investigative service provider and the client determine a fair and reasonable pricing structure that aligns with the required level of detail, expertise, and resources involved in the investigation, due diligence, or OSINT services.
Contact us
Still have questions? Contact us and we will be happy to help you with the answer!