AUTHORIZATION REQUIRED — SPECIALTY VERTICAL
OSINT engagements require identity verification and written authorization before scope is approved. Government-issued ID and signed authorization letter are required from both parties. This protects the client, the scope, and the integrity of the engagement.
Review authorization workflow →03 — OPEN SOURCE INTELLIGENCE
Authorized OSINT due diligence with
clear method and lawful scope.
SOURCE × RELIABILITY × ACCESSIBILITY × LEGAL STATUS
| SOURCE TYPE | RELIABILITY | ACCESS | LEGAL | NOTES |
|---|---|---|---|---|
| WHOIS / DNS history | ●●●●● | Open | ✓ | Variable post-GDPR. Passive DNS via SecurityTrails. |
| Shodan / Censys | ●●●●● | Open | ✓ | Publicly indexed infrastructure. Passive only. |
| Corporate filings | ●●●●● | Open / Gated | ✓ | Sec. of State, SEC EDGAR, PACER. Highest ground truth. |
| Court records | ●●●●● | Open / Gated | ✓ | PACER, state courts, Westlaw. Requires account. |
| LinkedIn / Professional | ●●●●● | Semi-open | ✓ * | Self-reported. Platform ToS applies. No scraping. |
| Social media | ●●●●● | Open / Semi | ✓ * | Public posts only. No account deception. |
| Data brokers | ●●●●● | Paid | ✓ | Aggregated, often stale. Corroboration only. |
| Dark web / forums | ●●●●● | Gated | Conditional | Not standard. Discussed at scoping if relevant. |
● = reliability unit (five max) · * = platform ToS governs
STANDARD SCOPE
- →Corporate entity structure + beneficial ownership
- →Digital footprint: domains, infrastructure, exposure
- →Key personnel: public record only
- →Litigation history, regulatory filings
NOT IN SCOPE — ANY ENGAGEMENT
- ✗Private individual surveillance without authorization
- ✗Account intrusion or credential access
- ✗Identity creation / social engineering
- ✗Anything requiring deception of a third party
IDEAL CLIENT
Decision-makers who need defensible due diligence and counterparty intelligence with clear legal scope and evidence-chain discipline.
PRIMARY OUTCOME
Lower counterparty risk before commitments, with source-backed reporting suitable for executive and legal review.
NOT A FIT
Unverified authority, personal surveillance asks, or any request outside explicit legal and authorization boundaries.