
What is OSINT? A practical primer for investigators

Open-Source Intelligence (OSINT) is the practice of gathering and analyzing publicly available information. Here's how it actually works in modern investigations.

OSINT — Open-Source Intelligence — is the practice of gathering, correlating, and analyzing information that's already publicly available.

The "publicly available" part covers more ground than people realize. It includes obvious things like LinkedIn profiles and corporate registries, but also breach indices (Have I Been Pwned, Dehashed), court filings (PACER + 50 state systems), sanctions lists (OFAC, EU, UN), domain WHOIS, social-media archives via the Wayback Machine, image EXIF data, and dozens of other deep-but-public datasets.

Where OSINT fits in modern investigations

In M&A diligence: vetting executives before LOI for sanctions hits, undisclosed litigation, and reputational red flags. The data room won't tell you that the COO has three pending wage-theft suits in another state — OSINT will.

In employment background checks: complementing a traditional CRA report with social-media history, dark-web exposure, and adverse media. Stock background checks miss roughly 80% of what an employer actually wants to know about a candidate.

In fraud and insurance: finding the social-media post where a "totally disabled" claimant is at the gym two days after the incident. Finding the same address across eight unrelated claims. Identifying claim-mill patterns at scale.

In journalism: vetting sources before publication. Cross-platform identity correlation — is the @handle on Telegram the same person as the LinkedIn profile? — is critical for investigative work where one bad source can sink a story.

The hard part: defensibility

Anyone can run a Google search. The hard part is making the work defensible: timestamping evidence at discovery time, recording the exact API call, preserving the raw response, and being able to reproduce the finding months later when it ends up in a deposition. Manual OSINT lives on screenshots and copy-pasted text, which doesn't survive scrutiny.

A platform like Tracelight bakes the audit trail into every operation — every claim in the report links to a stored evidence row, which links to the raw API response. That's the difference between OSINT as a hobby and OSINT as professional work product.
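The chain described above (claim, evidence row, raw response) can be sketched as a hash-chained evidence log. This is an added example, not Tracelight's code; the function names, the row fields, and the api.example.invalid endpoint are assumptions made for illustration.

```python
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev_hash of the first row

def canonical_digest(obj) -> str:
    # Canonical JSON so the same row always hashes to the same value.
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def record_evidence(log, raw_store, request, raw_response, collected_at=None):
    """Append one evidence row and keep the raw bytes, addressed by hash."""
    resp_hash = hashlib.sha256(raw_response).hexdigest()
    raw_store[resp_hash] = raw_response
    row = {
        "seq": len(log),
        "collected_at": collected_at or datetime.now(timezone.utc).isoformat(),
        "request": request,              # the exact call, as sent
        "response_sha256": resp_hash,    # link to the preserved raw response
        "prev_hash": log[-1]["row_hash"] if log else GENESIS,
    }
    row["row_hash"] = canonical_digest(row)
    log.append(row)
    return row

def verify_log(log, raw_store):
    """Return (seq, problem) pairs; an empty list means nothing was altered."""
    problems, prev = [], GENESIS
    for row in log:
        body = {k: v for k, v in row.items() if k != "row_hash"}
        if row["prev_hash"] != prev:
            problems.append((row["seq"], "chain broken"))
        if canonical_digest(body) != row["row_hash"]:
            problems.append((row["seq"], "row altered"))
        raw = raw_store.get(row["response_sha256"])
        if raw is None or hashlib.sha256(raw).hexdigest() != row["response_sha256"]:
            problems.append((row["seq"], "raw response missing or altered"))
        prev = row["row_hash"]
    return problems

if __name__ == "__main__":
    log, store = [], {}
    # Constructed sample call and response; api.example.invalid is a placeholder.
    req = {"method": "GET", "url": "https://api.example.invalid/v1/lookup",
           "params": {"email": "jane@example.invalid"}}
    row = record_evidence(log, store, req, b'{"breaches": 2}')
    claim = {"text": "Email appears in 2 breaches", "evidence_seq": row["seq"]}
    print(claim, verify_log(log, store))
```

The timestamp in each row is self-asserted by the collecting machine; the chain shows that rows were not edited afterwards, not that the clock was right.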

Where to start

If you're new to OSINT, start with one source per identifier type and learn its quirks well: HIBP for emails, OFAC for names, Sherlock for usernames, PACER for US litigation. Add more as you go. Trying to learn 32 sources at once is a recipe for shallow correlation. Master the depth, then scale the breadth.

