Open-source intelligence, or OSINT, is information gathered from public sources such as websites, social media, company filings, leak sites, domain records, forums, and search engines. In cyber security, OSINT is useful because attackers and defenders both use it to map people, systems, vendors, and exposed data without touching internal networks.
OSINT matters because public details can enable phishing, impersonation, password guessing, or targeting of high-value employees. In extortion cases, a leak-site post, victim name, or truncated sample may suggest risk, but it does not prove a breach by itself. Defenders use OSINT to monitor brand abuse, leaked credentials, and threat-actor claims, then validate them with logs, endpoint telemetry, file-access records, and data samples. Used carefully, OSINT supports investigation; used alone, it can overstate or misread what actually happened.



