Intelligence Research II—Open Source Intelligence (OSINT)

Course Description

This foundational course teaches students to identify and develop pivot points or leads in investigations across multiple use cases.

Students will review the basic functions of open source tools and learn when and why to use them in their research. They will apply their skills to several scenarios drawn from frontline experience, including executive-level RFIs, incident response investigations, and information operation campaigns.

As they work through these scenarios in a lab environment, students will apply their knowledge of tools such as VirusTotal, Alienvault, PassiveTotal, and Facebook, and use advanced search engine techniques.

Learning Objectives

After completing this course, learners should be able to:

• Configure their systems to ensure good operational security (OPSEC) and safety while researching
• Keep detailed case notes and avoid getting lost in their research
• Think critically about when and why to use a particular tool within the context of a research task
• Navigate basic functions of several common OSINT tools
• Identify and use investigation pivot points and artifacts

Who should attend

This is a foundational level course for cyber practitioners who must safely and efficiently conduct research as part of investigations or in response to RFIs.

Prerequisites

Students should have taken Cyber Intelligence Foundations and Cyber Intelligence Research I—Scoping or have equivalent knowledge.

Delivery method

In-classroom, virtual instructor-led training or on-demand

Duration

• 2 day (in-person delivery)
• 3 days (virtual delivery)