
Intelligence Research II—Open Source Intelligence (OSINT) Tools & Techniques
(On-Demand Module Overview)
This foundational course teaches students to identify and develop pivot points or leads in investigations across multiple use cases.
Course Description
The course helps learners understand the best times and ways to use an open source tool in research and reviews the basic functionalities of such tools. It encourages critical thinking to help learners push research further across several scenarios drawn from frontline experience, including executive-level RFIs, incident response investigations and information operation campaigns.
Learning Objectives
After completing this course, learners should be able to:
- Configure systems to ensure good operational security (OPSEC) and safety while researching
- Keep detailed case notes and avoid getting lost in their research
- Think critically about why and when to use a particular tool within the context of their research task
- Navigate basic functionalities of several common OSINT tools
- Identify investigation pivot points and artifacts, and understand how to leverage these to drive their investigations forward

Who Should Attend
This is a foundational level course for cyber practitioners who must safely and efficiently conduct research as part of investigations or in response to RFIs.
Prerequisites
Students should have taken Cyber Intelligence Foundations and Cyber Research I (Scoping) or have equivalent knowledge.
Duration
16 hours
Content is available for 3 months from date of enrollment. It can be accessed 24/7 from a standard web browser.
Cost
$2,000 USD or 2 EOD Units
Course Outline
Introduction
- Definitions (OSINT, Intelligence, Collections vs. Research)
- Collection Methods
Employing a Research Model
- 7-Phase Branch Model
- Pivot Points
- Rabbit Holes
- Loose Ends
- Case Notes
- Collaboration Methods
Getting your Systems Started
- The Risks of Research
- Operational Security (OPSEC)
- VPN
- VPN Obfuscation techniques
- VM
- Unattributable Connection TOR
- WHONIX
Techniques and Tools
- Search Engines
- Reverse image Search
- Metadata, Geolocation
- Social Networking
- Social Media Accounts
- Passive DNS
- HTML review
- Encoding/Decoding
Meet your instructor
Shanyn Ronis, Manager of Mandiant Intelligence Training Services
Shanyn Ronis has extensive knowledge and background in Cyber Threat Intelligence and methods for operationalizing intelligence for mission success. Since 2013, she has worked in various cyber intelligence positions, ranging from Intelligence Analyst to embedded Fusion Analyst within a SOC environment, to leading Tier 2 Incident Response. Ms. Ronis is a member of the Forbes 30 Under 30 class of 2017.
