Open-source intelligence techniques applied to companies — ethically, legally, and from public sources only.
OSINT — open-source intelligence — is the practice of producing useful intelligence from publicly available information. It's a discipline with roots in defense and journalism, but the core idea is mundane and powerful: most of what you want to know about a company is already public; the value is in gathering it systematically, corroborating it, and turning it into something you can act on. This is a practical guide to applying OSINT to company research, the right way.
OSINT means open sources only. That's not a limitation to work around — it's the definition. Ethical, lawful company OSINT uses information that's genuinely public: published filings, posted job listings, news, the company's own website, maps, reviews and the open web. It does not involve unauthorized access, bypassing logins or paywalls, social engineering, pretexting, or scraping data in violation of a site's terms or anyone's reasonable privacy expectations. If a technique relies on tricking someone or getting into something you shouldn't, it isn't OSINT — it's a different and often illegal activity. Stay on the open-source side of that line and the rest of this guide applies.
Good OSINT is a loop, not a single search. It runs: define the question, collect from multiple sources, corroborate across them, analyze, and identify the gaps that send you back to collect again. The discipline is in the corroboration — a single source is a lead, not a fact. Two independent sources that agree are far stronger. This loop is what separates intelligence from a pile of links.
For company research specifically, a handful of source types do most of the work:
The hardest part of OSINT isn't finding information — it's trusting it. Three habits keep you honest. First, cite as you go: record where every claim came from, so it can be re-checked. Second, weight your sources: a primary filing outranks a blog post that outranks an anonymous forum comment. Third, watch for circular reporting: ten articles repeating one original (possibly wrong) source is still one source. Date everything, because a true fact from three years ago may be false today.
OSINT only becomes intelligence when it's organized into a product someone can use. For companies, that product is a structured, sourced file — exactly what a company dossier is. Its nine sections mirror the source types above: identity, people, hiring, money, locations, tech, news, relationships and risk, each line tied back to where it came from. You can assemble this manually using the loop above, or use a tool that automates the collection-and-corroboration pass so you can spend your effort on analysis. The how-it-works page shows that pipeline; the sample shows the output.
A few principles keep company OSINT both lawful and responsible. Use only genuinely public information. Respect privacy: focus on the business and the public record, not on surveilling individuals. Don't bypass access controls or a site's terms. Be transparent about your sources, which is also just good practice. And remember the difference between what you can find and what's appropriate to use for a given purpose — for regulated uses like credit or employment decisions, public OSINT is not a substitute for the proper, compliant process. This is general guidance, not legal advice; when in doubt, ask counsel.
OSINT for company research isn't mysterious — it's a disciplined habit of collecting public sources, corroborating them, sourcing every claim, and organizing the result. Do that and you'll understand a company faster and more honestly than someone working from its marketing alone. For the applied version, see how to research a private company and the due-diligence checklist, or just open a free dossier and watch the loop run. Prefer the terminal? The CLI fits straight into a research workflow.
OSINT — open-source intelligence — applied to companies means producing useful intelligence about a business from publicly available information only: filings, job postings, news, the company website, maps, reviews and the open web, gathered systematically and corroborated.
Using genuinely public information is legal. What crosses the line is unauthorized access, bypassing logins or paywalls, social engineering, or violating a site's terms or privacy expectations — those aren't OSINT. This is general guidance, not legal advice.
Official registries and filings are the most authoritative; job postings reveal direction and tooling; news provides a dated timeline; the company's own site, maps, reviews and relationship signals fill in the rest. Corroborate across at least two independent sources.
free. public sources only. every line linked.