men with headsets working
Penetration Testing Teal Icon

Open Source Intelligence (OSINT)

Identify and reduce the risk posed by sensitive data and information accessible through publicly available sources.  

Service Summary

Bridewell’s OSINT service uses a complete range of information gathering techniques to identify potential risks, vulnerabilities and weaknesses that could be exploited by attackers. Once identified, our consultants can work with you to prioritise them and either isolate or remove the sensitive data before an attacker can utilise it.  

This service is a valuable component of wider penetration testing activities, such as Red Team exercises, and helps simulate a real-life cybersecurity attack on an organisation’s infrastructure, wireless networks, applications or mobile devices.

  • An End-to-End Service - Bridewell needs minimal involvement from your organisation to complete the assessment, reducing the burden on in-house teams.
  • Flexible Engagement for Any Objective - Each assessment delivered by out penetration testing team is customised to address specific security concerns within your organisation.
  • Experience Across Sectors - Bridewell works with organisations across highly regulated and critical industries, providing our pen testers with a deep understanding of the risks and challenges they commonly face.
  • Extensively Accredited - Our penetration testing team holds accreditations from the OSCP, Zeropoint Security CRTOs, CREST, are Tiger-certified and hold Certified Cyber Security Consultancy status with the National Cyber Security Centre (NCSC). 
  • Simulate Real World Attackers - Our team utilise the same tools, tactics and procedures as real-world attackers to accurately recreate real attack scenarios.

Key Challenges Addressed

Many information sources detail valuable data via OSINT such as usernames, job titles, contact details, and recruitment information that can be used to build a detailed picture of an organisation and their people.

This can be used by malicious actors to target their attack and improve their likelihood of success. To address this, organisations need to understand where information is leaking and how it could be used against them. 

However, searching for OSINT can return overwhelming amounts of data, much of which might not prove useful. Instead, organisations need a clear strategy in place for acquiring accurate information that will help them focus their efforts. Given that this requires experience searching for OSINT and a strong understanding of how it can be used, it is uncommon to find these capabilities within most organisations. 

Open Source Intelligence



Our data privacy specialists will work with you to review your data processing activities to ensure that all personal data is being handled in accordance with regulations.

While using the UK & EU GDPR as a benchmark, the assessment will also note all applicable nuances of global data privacy legislation applicable to your organisation. This includes other legislation and standards such as the Data Protection Act and PECR. A GDPR Gap Analysis from Bridewell can also be used as an external audit of their compliance status and act as a complement to an internal audit, if one has already been performed. 

Key Benefits

An Understanding of Your Organisation's Footprint

Gain a comprehensive view of your people and processes, and how attackers may look to exploit them.

A Prioritised List of Potential Risks

Understand which risks and attacks pose the greatest risk to your applications and APIs, and how to address them.

Guidance on Securing Information

Bridewell will provide guidance on how OSINT can be removed from public forums or, where this isn’t possible, otherwise secured. 

Targeted Awareness Training

Enhance your employees’ understanding of how to prevent sensitive information from leaking to public sources.

How it Works

Bridewell uses a combination of active, passive and semi-passive gathering to collect as much information as possible about your organisation from publicly available sources. In particular, our team searches for:

  • Physical security measures for the location
  • Infrastructure and networking detail
  • Full DNS listings of all associated assets
  • Netblock owners (whois data) and email records (MX + mail address structure).
  • Any other information relating to organisations and employees which could potentially be used in future exploits
  • Information from previous breaches and any passwords associated with your organisation’s accounts

The information gathered during this stage is often used to inform wider penetrating assessments from our team, which can vary depending on the specific requirements of your organisation. Our consultants also use these insights to guide your organisation on how they can remove this information or take actions to mitigate the risk posed by it. 

NSCS Certified Services


The term ‘open source’ refers to publicly available information. Open Source Intelligence, OSINT for short, refers to data and information that’s been collected from numerous sources to be used for intelligence purposes. 

OSINT is primarily used in law enforcement and business intelligence, but is also valuable and widely-used by security professionals to help them carry out their services, assessments and security testing procedures.

While Open Source Intelligence does derive a great deal of information from publicly available sources, ranging from social media data to online publications, there are concerns for its legitimacy and accuracy. 

Ready to Take the Next Step?

We’re here to help, so to speak with our team and learn more about how Bridewell can benefit your organisation, just complete the below form and one of our experts will be in touch.