Open source intelligence for increased security
We analyze publicly available information about your board members, supervisory directors, and executives, assess potential risks, and support you with concrete recommendations for action.
500+ customers place their trust in us - from startups to large companies
Many attacks start with publicly available information
OSINT stands for open source intelligence.
‘Open source’ refers to publicly available information.
‘Intelligence’ means the targeted linking and analysis of this data to gain actionable insights.
An OSINT analysis (or investigation) is a structured research effort that evaluates only publicly accessible sources, such as:
This information is freely available - and therefore also accessible to attackers.
state-sponsored groups, cybercriminals, or extortionists deliberately analyze what can be found online about exposed individuals, such as:
Those who carry responsibility are in the spotlight
The following screenshots show selected excerpts from a sample OSINT results report for the target individual Martin Klein. They provide an impression of which publicly available information can be collected, how it is assessed, and which recommendations for action can be derived from it - ranging from a management summary and risk analysis to concrete protective measures. (Real reports naturally contain confidential data and therefore cannot be shown here.)
Our experience shows: those who carry responsibility are often more exposed than they realize.
A targeted analysis provides clarity - before it turns into a risk.
Discreet. Legally compliant. Confidential. Experts who live security!
We discreetly analyze what can be found about your executives / exposed individuals. This is a manual and individualized investigation.
We work exclusively using legal OSINT methods, fully GDPR-compliant, without any technical interventions.
We provide a transparent evaluation of digital exposure including possible attack scenarios, such as social engineering, identity theft, or account compromise.
We recommend specific measures and assist with prioritization to effectively minimize risks - both organizationally and personally.
Upon request, your executives receive a confidential one-on-one briefing with recommendations for self-protection.
Our services adapt to your needs - from short-term support to long-term partnership. Always with a clear, transparent cost structure.
Our OSINT experts have in-depth knowledge and structured working methods that advance your security.
Not just theory: we deliver concrete measures that work in everyday life for exposed individuals and the company.
OSINT analyses are an ideal complement to
At the beginning, we define the scope of investigation together with you. Depending on the threat scenario, the social environment - such as publicly visible interactions or connections - may be included in the analysis, but only to draw conclusions about the target person. A targeted analysis of friends or family members is not conducted.
For the initial research, we usually require only a few details: In many cases, name and employer are sufficient - information typically already available as part of the assignment. Based on this, we start the systematic evaluation of publicly accessible sources to create a meaningful profile of the target person.
If, during the process, a targeted reverse search becomes necessary - for example, to verify whether certain data (e.g., email addresses or phone numbers) appear in known data leaks, or to simulate what an attacker could do with additional personal information - we will coordinate this with you. If you have not yet provided such data or if we have not identified it during research, you can supply it as needed.
Individual threat situations or specialized risk factors can be communicated in advance - they will then be considered with increased attention in the further analysis.
The core of the analysis is the structured evaluation of publicly accessible information from open sources (open source intelligence). These include, among others:
The goal is to create a consistent and realistic situational picture from individual - often seemingly harmless - fragments of information that makes potential risks and attack vectors visible.
Based on the researched information, we identify
that could be specifically exploited for attacks such as:
At the conclusion, you will receive a comprehensive report that provides a structured overview of publicly available information about the target person, as well as derived threat scenarios and potential attack paths.
The analysis is complemented by a transparent risk assessment with clearly prioritized recommendations for action to effectively reduce the attack surface.
Upon request, we offer a confidential one-on-one consultation for particularly exposed or vulnerable individuals within the company.
Through targeted OSINT analyses, we uncover potential attack vectors and support you in effectively protecting your exposed individuals.
Cyber Security Consultant and OSINT expert at HvS Consulting
Patrick is a Cyber Security Consultant with nearly ten years of experience in professional cyber security environments. He conducts both penetration tests and OSINT investigations, giving him comprehensive expertise in both disciplines.
His parallel work in these areas enables him to realistically assess organizations and individuals from an attacker’s perspective. Publicly available information is analyzed within the context of specific attack scenarios and evaluated with regard to its practical relevance.
He further underlines his professional qualifications with certifications such as the GIAC Strategic OSINT Analyst (GSOA).
Co-Head of Incident Response at HvS Consulting
He has extensive experience in incident response and digital forensics for DAX 30 and FTSE 500 companies. Marc feels at home in two worlds – offensive security and incident response: While his daily work focuses on the analysis and remediation of security incidents, he does not hesitate to pick up hacking tools himself during purple teaming exercises.
He also actively contributes his expertise to OSINT analyses, demonstrating how publicly available information can be systematically identified and misused, and deriving concrete measures to minimize risk from these insights.
We analyze which publicly available information about defined target individuals (e.g., board members, supervisory board members, executives) can be found online - for example, on websites, social networks, press articles, data leaks, forums, or darknet sources. The goal is to identify potential risks and attack surfaces based on this information.
Usually, the name and employer of the target person are sufficient. Additional information such as an email address or phone number is optional and only necessary for specific cases. If additional data becomes helpful or relevant during the analysis, we will coordinate this with you during an interim review.
Yes. The entire analysis is based on legal OSINT methods. No systems are hacked, no protected areas accessed, and no technical security measures bypassed. We document all sources transparently.
Additionally, the investigation is conducted only with the consent of the target individual.
All information is newly researched at the time of the analysis. We do not work with pre-existing databases. If needed, regular re-analyses (e.g., semi-annually) can be offered.
The analysis is, of course, conducted confidentially and in compliance with GDPR. All data will be deleted upon request after the project is completed.
Yes, we offer confidential one-on-one briefings for the affected individual -e.g., to raise awareness or to discuss specific measures that are better kept private.
With over 80 highly qualified cyber security experts and more than 20 years of experience, we support over 500 satisfied customers - including 50% of DAX-listed corporations and hundreds of medium-sized companies.
In addition, we have already sensitized over 1 million employees, managers, administrators and developers with our awareness training.
We are convinced that the values of our society must also be protected in cyberspace. That is why we help organizations to protect themselves with the right combination of technologies, processes and people.
In concrete terms, this means:
In all of this, we take the approach of transferring successful cyber security strategies from corporations to SMEs with a sense of proportion and pragmatism, using high-quality best practices and standards.
In short: we see ourselves as a “boutique” and deliver quality instead of quantity.
Professional industrial espionage often involves physical attacks or insider attacks (social engineering), even if the target is in cyberspace. Our social engineering assessments protect your company from social engineering attacks.
Sensitize your employees, managers, administrators and developers with a holistic cyber security awareness campaign.
Which systems are accessible and potentially vulnerable? Our vulnerability scan identifies security gaps, shadow IT and forgotten services - before attackers do.
Security audits are your opportunity to have the efficiency and effectiveness of your established ISMS confirmed. Arrange an audit appointment with us today.