You are using an outdated browser. Please upgrade your browser to improve your experience.
Skip to content
FREE eBook: Explore the role of AI in OSINT Read Now

In this blog, Fivecast Tradecraft Advisors draw on their expertise to discuss the intricacies of Open-Source Intelligence best practices, and the power of entity-centric collection.

Mastering Advanced OSINT techniques

Open-Source Intelligence (OSINT) and Publicly Available Information (PAI) Research Courses have traditionally focused heavily on teaching students how to build keyword queries to uncover content of interest. If any readers have sat through one of these courses, Boolean Logic, Google Dorking, and even just using “Advanced Search” options on social media sites are likely coming to mind. These techniques are indeed critical to know about and then employ in order to uncover the content of interest, which is why they’re so common in these courses. For example, in protective security efforts, analysts looking to uncover overt mentions of threats, facilities, events, protectees, or brands can and should rely heavily on keyword searching.

That being said, relying solely on keyword searching can lead analysts to miss important information and run into the following challenges:

  • Significant volumes of irrelevant data – noise – returned by certain searches
  • Limits returned data to indexed and searchable content
  • Constrains analysts to their own biases and previous subject matter expertise – i.e. what keywords/parameters they know about
  • Nefarious actors employ obfuscation efforts (e.g. emojis, codenaming, media-embedded text, secure platforms) to avoid text detection
  • Focuses on what is overtly said as opposed to what data is implied, depicted in media, or revealed through relationships

Request the Industry Brief- Getting Started with OSINT

Keyword centric queries, while critical in certain situations, should not be the sole – or even default – focus for intelligence analysts and investigators. Instead, focusing on curating sources of information and identifying key entities, forums, and communications channels online should become the new gold standard for finding more information about a threat group and maintaining situational awareness. This shift in focus to identify the actors and communities behind the content is called entity-centric collection.

Beyond Keywords: The Power of Entity-Centric Collection in OSINT

Entity-centric collection can include locating the key influencers on a topic, individuals active in a region, or actual members or communities relevant to the investigation or reporting. These entities could be social media accounts, pages, feeds, blogs, forums, or channels of interest.

Request the Entity Centric Industry Brief

Entity-centric collection overcomes the above challenges and allows analysts to start collection small, avoid noise, pick up on non-text-based communications, and build their expertise and awareness based on the sources themselves.

This is not to say that you should never use your Google Dorking skills again! However, know when to employ keyword searching and when you might be unintentionally limiting your own research efforts, understanding of a topic, or awareness of a threat.

Optimizing OSINT: Combining Keyword Searching with Entity-Centric Strategies

For those analysts and investigators who are new to entity-centric collection but have deep expertise in keyword or content collection – don’t worry! You’re actually ahead of the game in some ways, as those searches, you’re used to running can uncover the entities you can focus on moving forward. Whether you’ve thought about it this way or not, you almost certainly know some (or all!) of the major accounts, pages, feeds, or channels involved in your research topic, investigation, or collection effort and they are a good place to start building out your entity-centric collection.

Fivecast ONYX revolutionizes OSINT by enabling organizations to master advanced techniques through entity-centric collection. By focusing on key influencers, active individuals, and relevant communities, Fivecast ONYX overcomes the limitations of traditional keyword searches. This approach allows analysts to avoid irrelevant data, uncover non-text-based communications, and build a comprehensive understanding of threats and situational awareness.