5 Best OSINT Tools in 2022
By Blackdot Solutions
OSINT (Open Source Intelligence) is an increasingly important part of investigation best practices in contexts ranging from anti-money laundering (AML) to fraud and military intelligence. A big part of building an effective OSINT strategy is finding the right tools.
The volume and complexity of open source data make manual data handling an ineffective OSINT solution. This is one reason why there are so many types of OSINT tools on the market. Understanding these tool types, options and approaches will allow you to align the right tool with your investigative goals. Here, we will provide you with an introduction to the available options, and help you to make the right choice.
What kinds of OSINT tools are there?
Any investigation has multiple stages, including collection, processing, analysis and distribution of information. Some tools are designed to assist with a single stage, others span the entire investigatory process. There isn’t just one way to categorise different OSINT tools. However, we believe it’s useful to think about three main types —
- Collection tools: These tools aid in the collection of open source data from one or more sources, such as corporate records data, publicly available social media etc.
- Analysis tools: These tools use process automation and natural language processing to identify patterns and correlations between the data you’ve collected, helping sift through large amounts of data and highlight actionable insights for the investigator.
- Visualisation tools: These tools make it easier to view your data in a digestible format using graphs, charts and maps. This helps with analysis and makes reporting your findings more meaningful and engaging.
The tools you choose have a direct impact on the types of investigations you can undertake effectively. It’s important to consider features and applications specific to your needs, as well as key benefits offered. The fewer tools you need to use, the easier it will be to organise your investigations, and less manual effort will be required to do so. Furthermore, a single platform reduces the need for additional data integrations, which can ultimately lead to cost savings.
Videris: A full-spectrum OSINT solution
Videris allows users to collect, analyse and visualise open source data within one platform. Its focus is on extracting maximum value from open source data.
Videris was initially built as an in-house solution for risk agencies, designed based on the workflows of experienced investigators in order to enhance the way they work. It was quickly adopted by government agencies already engaged with OSINT that needed advanced support. We have brought this platform to the private sector in order to improve OSINT adoption in a wide range of contexts.
- Intelligent Automation (IA): Automate repetitive tasks such as collecting data from multiple sources, or highlighting connections, while leaving decision-making in the hands of experienced human operators.
- Open platform: Videris is easy to integrate with other systems, making it a seamless fit for any investigative workflow.
- Network mapping: Generate visual representations of structures such as corporate or social networks to save time and make it easier to identify insights.
- Search multiple sources at once: Query any number of sources at once and aggregate your results into one view. This simplifies workflows and is particularly useful for uncovering hidden information on the dark web.
- Security: Guarantee that analysts remain secure and untraceable throughout investigations.
- Social media (SOCMINT) tools: Securely map and understand public social media data, and highlight connections between individuals and their networks.
- Cross-matching and automated red-flagging: Automatically flag names, addresses and other similar data to avoid missing important links.
- Charts and visualisation capabilities: Sort and interpret complex data as an interactive chart that highlights possible connections.
Videris is uniquely suited to simplifying your OSINT process because it combines collection, analysis and visualisation capabilities within a single platform.
By utilising open data sources, it’s possible to build a detailed profile of an individual, company, group, or network. Videris is compatible with a full range of OSINT sources, making it possible to engage in advanced open source investigation techniques and deploy Videris in a wide range of contexts, such as —
- Anti-financial crime (AFC) and anti-money laundering (AML)
- Risk analysis and due diligence
- Counter-terrorism and other national security use cases
- Organised crime investigations and law enforcement
- Anti-corporate espionage and brand protection
Despite the complexity of the subject matter and the wide range of features, Videris is simple to use. It’s a single platform that can centralise your entire OSINT investigation. Investigators are able to avoid complex manual processes and are kept secure, conducting searches through the anonymous Videris browser.
Minimal training is required to get started, and the range of open data sources that come pre-configured allows users to extract valuable insights from multiple sources at once, including dark web data sources. According to a recent Videris case study, ‘Videris had a very short time to value compared to other tools Berlin Risk had reviewed. It didn’t require prior technical knowledge and investigators describe it as a professional, intuitive, user-friendly solution.’
i2 Analyst’s Notebook: Data visualisation and analysis
i2 Analyst’s Notebook, made by IBM, is an intelligence solution that specialises in the analysis and visualisation of structured data, including OSINT data. Users are able to configure their own internal sources, or install additional connectors to add external data for analysis.
- Link analysis environment: Visualise data and identify relationships between people and organisations using association charts.
- Timeline analysis: Display connections between pieces of information on a timeline.
- Social network analysis: Analyse and examine group structures and communication.
- Statistical views: Drill down into the contents of your data using bar charts, histograms and heat matrices.
If you’re already using a separate application for the gathering of data, i2 Analyst’s Notebook can be used for analysis and generating visualisations across various contexts, most commonly —
- Law enforcement
- National security
- Cyber security
- Fraud prevention
By focusing on the visualisation and analysis elements of OSINT investigations, i2 Analyst’s Notebook offers analysts a variety of ways to view their data. This not only benefits the analysis itself, but also provides more interesting ways of reporting findings to stakeholders. It’s worth noting that the platform can be used to visualise open source data, along with other internal data sources.
However, search and collection tools are needed to acquire data for analysis in the first place. This requirement to partner i2 Analyst’s Notebook with other tools or manual processes makes it harder to use, and of limited use to investigators that don’t already have solutions for the targeted collection of open source data (OSD).
Palantir: Big data analytics
Unlike the other tools on this list, Palantir is a big data analytics platform, not a dedicated OSINT tool. However, it’s deployed within OSINT investigations, and is particularly popular among government and military intelligence users.
- Flexible platform: Palantir can be configured to fit numerous feature requirements. However, it is complex, and configuring it requires a large number of service hours.
- Manage multiple internal data sources: Organise, manage and secure data from various internal sources within a single platform.
- Pattern recognition: Analyse and identify patterns within large datasets to aid your OSINT investigation.
- Process large amounts of data: Specialising in big data, Palantir can cope with processing massive amounts of data from multiple data sources at once.
Palantir is ideal if you need to carry out a detailed investigation using huge amounts of data. Its data analysis functionality is very detailed, and it can be used for almost any use case, although this comes at a cost. However, Palantir is not a data collection tool or a specific OSINT solution. You have to feed it the information you want to analyse. Much like with IBM’s i2 Analyst’s Notebook, you’ll need to make sure that you have an OSD collection framework in place before investing in Palantir. With this framework, the power provided by Palantir makes it ideal for —
- Military intelligence
- National security applications
Palantir offers a range of powerful data analysis capabilities that can be critical for specialist investigators. Just make sure you have time to set it up, configure a solution, and feed it relevant data for analysis. If you are looking for a solution that is purpose-built for OSINT and available out of the box, other products may be a better fit.
Maltego: An OSINT and graphical link analysis tool
Maltego allows you to visualise and manage your open source data in a unique and visually appealing way. Using what they call ‘Graphs’, you can view your data, build collections, and link records with ease.
- View up to 1 million records on a graph: Visualisation tools make it easy to view a large number of records in one interactive view.
- Access around 60 data sources: Add various open data sources quickly using the Maltego Transform Hub.
- Connect internal and external data sources: You can use the external sources available, or configure and add your own internal data.
- Pattern detection: Use different shapes and layouts to make it easier to analyse and identify patterns.
Aimed at more technical users, Maltego is great for visualising investigation data. It’s able to analyse intelligence across multiple sources, using plugins that fetch data from different sources. This creates great use cases in —
- Cyber security
- Law enforcement
- Trust and Safety
Users can access pre-made ‘Transforms’ (or data sources) from the Maltego Transform Hub, as well as making their own Transforms to access open data sources Maltego doesn’t support yet, or add internal data. This makes it a great data-mining tool for visualising data from multiple sources. However, it’s important to recognise that many Transforms are developed by community members, rather than the central business, resulting in integrations that can be limited in both their depth and scale.
Maltego is a very good solution for technical users looking to gather and visualise OSINT data. Its capabilities are better suited to small scale use cases, as opposed to larger, enterprise deployments, and those requiring analysis across a range of different OSINT sources.
Cobwebs: An interlocking toolset
Cobwebs provides five products covering various functionality across the investigation process. It’s a powerful solution when all of them are used together, but it’s important to research what each product does.
Note: Cobwebs calls their product a WEBINT (Web Intelligence) solution. Functionally, this term is a synonym for OSINT.
- Web Investigation Platform: Monitor online activity, and collect and analyse data from various open data sources.
- Threat Intelligence Solution: Automatically extract targeted insights from data with AI and machine learning algorithms.
- Secured Analyst Assistant: Their Lynx browser provides a secure browsing environment for manual data gathering and analysis.
- Financial Investigation Platform: AI-delivered insights to support due diligence and threat identification.
- Location Intelligence System: Use interactive maps to analyse location-based data and identify geolocated intelligence.
The Cobwebs suite of tools is focused primarily on helping government agencies, financial institutions and corporations analyse and predict threats. They do this using machine learning algorithms and a wide range of media sources, across a variety of contexts.
The Cobwebs solution delivers specific capabilities split out over five products. This helps specialist investigators focus on particular types of analysis and phases of the investigation. However, it’s important to consider how this division will impact workflows and the ways in which individuals approach an investigation. In some cases, data being spread across a number of solutions means that additional manual analysis is required, and collaboration becomes more difficult to achieve. If this is a challenge, then an all-in-one platform may be a better fit.
Choose your OSINT tools carefully
It’s important to pick a tool that suits your specific needs, as the choice you make will have a substantial impact on the success of your OSINT investigations. It’s also advisable to research the providers’ ethics and reputation before making a decision. Data collection and analysis is a controversial topic, but it can be done ethically and effectively if you combine the right processes and technology.
If you’re only looking for visualisation capabilities, there are many tools available that can help, all of which offer varying levels of complexity, sophistication and cost. However, it’s also critical to consider how you will collect and process data from a range of both internal and external data sources. If you don’t have a data collection tool, you will need to develop manual processes that are able to securely supply the relevant information needed for effective data analysis.
Videris offers a holistic OSINT solution, providing all of the functionality you need to carry out OSINT investigations in one product. It removes the need to pay for and switch between multiple tools, without sacrificing functionality, making it a critical asset to open source investigation best practice. Get in touch if you want to learn more or book your demo of Videris today.