• Watch a preview of this course • Discover how to take this course: Online, In-Person sans.org/sec497 SEC497: Practical Open-Source Intelligence (OSINT) GOSI Open Source Intelligence giac.org/gosi SEC497 is a comprehensive training course on Open-Source Intelligence (OSINT) written by an industry professional with over two decades of experience. The course is designed to teach you the most important skills, tools, and methods needed to launch or further refine your investigation skills. SEC497 will provide actionable information to students throughout the OSINT world, including intelligence analysts, law enforcement officials, cyber threat intelligence and cyber defenders, pen testers, investigators, and anyone else who wants to improve their OSINT skills. There is something for everyone, from newcomers to experienced practitioners. SEC497 focuses on practical techniques that are useful day in and day out. This course is constructed to be accessible for those new to OSINT while providing experienced practitioners with tried-and-true tools that they can add to their arsenal to solve real-world problems. The course has a strong focus on understanding how systems work to facilitate informed decisions, and includes hands-on exercises based on actual scenarios from the government and private sectors. We will discuss cutting-edge research and outlier techniques and not only talk about what is possible, we will practice doing it! Dive into the course syllabus below for a detailed breakdown of the topics covered. Course Author Statement “When I started the first open-source intelligence (OSINT) unit for my organization over a decade ago, I was told we had no budget for tools, equipment, or training. I used to joke that one nice thing about not having a budget was that it made many of my decisions very easy. If there was something I needed, I either built it myself or did without. “Coming from that background forces you to understand how things work and what truly matters. In addition to performing countless OSINT investigations, I’ve traveled across the world for over a decade teaching operational security (OPSEC) and OSINT to various government agencies and consulted with numerous private companies, ranging from small start-ups to Fortune 100 enterprises. I have helped hunt down international fugitives, identified online infrastructure for a merger and acquisitions due diligence report, and handled numerous tasks in between. This course allows me me share my experience with what works, what does not work, and how we can achieve our goals with minimal effort and cost.” —Matt Edmondson You Will Be Able To • Perform a variety of OSINT investigations while practicing good OPSEC • Create sock puppet accounts • Locate information on the internet, including some hard-to-find and deleted information • Locate individuals online and examine their online presence • Understand and effectively search the dark web • Create an accurate report of the online infrastructure for cyber defense, merger and acquisition analysis, pen testing, and other critical areas for an organization. • Use methods that can often reveal who owns a website as well as the other websites that they own or operate • Understand the different types of breach data available and how they can be used for offensive and defensive purposes • Effectively gather and utilize social media data • Understand and use facial recognition and facial comparison engines • Quickly and easily triage large datasets to learn what they contain • Identify malicious documents and documents designed to give away your location Business Takeaways • Improve the effectiveness, efficiency, and success of OSINT investigations • Build an OSINT team that can perform a variety of OSINT investigations while practicing good OPSEC • Create accurate reporting of your organization’s online infrastructure • Understand how breach data can be used for offensive and defensive purposes 6 Day Program 36 CPEs Laptop Required “ The module on dealing with large data sets was very helpful. Getting a deep understanding on the challenges large data sets pose and how to work around them is very helpful and practical.” —Jamal Gumbs GIAC Open Source Intelligence As the first and only non-vendor specific, industry-wide OSINT certification, the GIAC Open Source Intelligence (GOSI) certification represents a huge milestone in the worlds of open source intelligence and cyber reconnaissance. It creates a marker from which students can be recognized for their achievements and competence in the OSINT field of study. Whether they are performing social media analysis of a target or just “fancy googling,” the GOSI certification shows they have a strong foundation in OSINT.” — Micah Hoffman, SEC487 Course Author • Open Source Intelligence Methodologies and Frameworks • OSINT Data Collection, Analysis, and Reporting • Harvesting Data from the Dark Web GOSI Open Source Intelligence giac.org/gosi
