Search
Research articles, podcast episodes, and the framework · esc to close
Privacy & Security Research
Independent research on OSINT defense and digital privacy, home of the OSINT Defense & Security Framework
Every sophisticated campaign begins with reconnaissance. Adversaries assemble fragments of public data (profiles, posts, records, metadata) into a roadmap for targeting organizations and the people inside them. PsySecure researches how that exposure forms, and how to systematically take it away.
Reconnaissance is the first step of the kill chain. What can be found will eventually be used.
See yourself as the adversary does. Defensive OSINT maps your exposure before someone else does.
Smaller, well-managed footprints offer fewer opportunities for exploitation than any alert ever will.
The world's first controls-based framework for OSINT risk management: five focus areas that systematically disrupt reconnaissance targeting organizations and their people. Aligned with NIST CSF, ISO 27001, and Zero Trust, and openly licensed under CC BY 4.0.
Minimizing the public exposure of sensitive information about the organization and its people: what surfaces in search results, social platforms, and public databases.
Hardening the human element against attacks that weaponize OSINT: awareness built on real reconnaissance, and verification protocols for sensitive requests.
Controlling the technical attack surface discoverable through OSINT tooling: visible infrastructure, service enumeration, and technology stack details.
Safeguards for high-profile individuals facing elevated targeting and personal risk: personal privacy, travel security, and reputation management across digital and physical domains.
Ongoing surveillance of public data for emerging threats and leaks: breach exposure, leaked credentials, and the capability to respond rapidly.
