Certified Open Source Investigator®
You can obtain the Certified Open Source Investigator® certificate if you have completed the three-day OSINT training I (Beginner) with us and if you have passed the corresponding exam. If you have successfully completed our training, you may use the title COI® and you may participate in the OSINT training II (Professional), which training is the second module of our SPEN Register training to become a Certified Open Source Intelligence Specialist® and our Post HBO Registertraining to become a Certified Open Source Intelligence Expert®.
Achieve the COI® title
Competencies and Learning Objectives
With the title Certified Open Source Investigator® you indicate that you have certain competencies to conduct a safe and effective OSINT investigation. The competencies and learning objectives relate to formulating an investigation strategy, applying a threat assessment, acting within laws and regulations, collecting, monitoring, recording and processing data and reporting findings. The learning objectives and competencies are shown below in the expandable menu.
The student can name which steps the OSINT cycle consists of.
The student can provide planning and direction (determine a research strategy) for the open source research to be carried out.
The student can formulate clear research questions.
The student can draw up clear requirements with which research questions can be answered.
The student can draw up a data collection plan.
The student can prepare an overview of relevant national and international research sources.
The student knows what information can be found within which research sources.
The student can distinguish reliable sources from unreliable sources.
The student can identify which social media are most used in different countries worldwide
The student can find out which social media are most used in a specific country or among a specific target group in order to tailor research to these platforms.
The student can draw up a threat assessment that includes failure risks, security risks and privacy risks.
The student can select his or her own research resources based on the established research strategy and the established threat assessment.
The student can identify which digital traces may be left behind when the student visits a website or a profile on social media.
The student can explain in his or her own words what privacy risks are associated with leaving digital traces on websites and social media profiles.
The student can explain in his or her own words the security risks associated with leaving digital traces on websites and social media profiles.
The student can explain in his or her own words the risks associated with leaving digital traces on websites and social media profiles.
The student can manipulate their own digital traces in order to control their own security, privacy and research traces.
The student can explain in his own words which hardware components influence the speed and workability of a research machine.
The student can name different operating systems.
The student can explain in his or her own words how different operating systems can be used in open source research and the student can explain what traces these operating systems may leave behind.
The student can explain in his or her own words how a WiFi connection, a mobile 4G internet connection, a proxy server, a VPN connection and the TOR network can increase the anonymity of an internet user and complicate the investigation options.
Within an open source investigation, the student can use a WiFi connection, a mobile 4G internet connection, a proxy server, a VPN connection and the TOR network to manipulate their own digital traces.
The student can name different web browsers.
The student can explain in his or her own words how different web browsers can be used in open source research and the student can explain what traces these web browsers may leave behind.
The student can name various browser settings.
The student can explain in his or her own words how different browser settings can be used in open source research and the student can explain what traces these browser settings may leave behind.
The student can explain in his or her own words how a WiFi connection, a mobile 4G internet connection, a proxy server, a VPN connection and the TOR network can increase the anonymity of an internet user and complicate the investigation options.
Within an open source study, the student can use a WiFi connection, a mobile 4G internet connection, a proxy server, a VPN connection and the TOR network to manipulate their own digital traces.
The student can name different web browsers.
The student can explain in his or her own words how different web browsers can be used in open source research and the student can explain what traces these web browsers may leave behind.
The student can name various browser settings.
The student can explain in his or her own words how different browser settings can be used in open source research and the student can explain what traces these browser settings may leave behind.
The student can name various browser extensions/add-ons.
The student can explain in his or her own words how different browser extensions can be used in open source research and the student can explain what traces these browser extensions/add-ons may leave behind.
The student can identify various public and commercial (OSINT) tools.
The student can explain in his/her own words how various public and commercial (OSINT) tools can be used in open source research and the student can explain what traces these operating systems may leave behind.
The student can name the legislation and regulations that are relevant to him or her.
The student can apply the legislation and regulations relevant to him or her to the open source investigation to be conducted.
The student can look up or inquire about the legislation and regulations relevant to him or her if legislation and regulations appear to be unclear in practice.
The student can explain in his or her own words how the internet works and what role the internet protocol (IP) and IP addresses play in this.
The student can explain in his or her own words the differences between fixed and mobile, dynamic and static and internal and external IP addresses.
The student can explain in his or her own words what an internet service provider (ISP) and a regional internet registry (RIR) are.
The student can use a regional internet registry (RIR) to find out which Internet Service Provider (ISP) manages the block within which a specific IP address falls.
The student can name different search engines.
The student can explain in his or her own words how a search engine works and what information can and cannot be found via a search engine.
The student can identify the differences between the surface web, deep web and dark web.
The student can explain in his or her own words which factors influence the display of search engine results.
The student can tailor the use of a search engine to the information he or she wishes to find.
The student can use a search engine in an advanced way to search for information on the surface web as effectively as possible.
The student can explain in his or her own words what a URL, a domain name, a subdomain and a top-level domain (TLD) are.
The student can investigate the tactical information of a website.
The student can explain in his or her own words what an internet hosting provider (IHP), a registrant, a registrar and a register are.
The student can use formal and informal registers to find out who the registrant and registrar of a domain name are.
The student can map subdomains, web pages and names of a domain name.
The student can explain in his own words what archive files of websites are.
The student can retrieve archive files from a website.
The student can explain in his own words what “geolocating” means.
The student can check whether texts on a website can be found elsewhere on the internet.
The student can explain in his own words how a “reverse image search” works.
The student can use a “reverse image search” to check whether photos and videos on a website can be found elsewhere on the internet.
The student can explain in his own words what metadata and EXIF data are.
The student can extract metadata from files and EXIF data from images from digital data carriers.
The student can determine at which location the photo or video was taken based on the visible information in a photo or video.
The student can determine the distance between two objects via maps and satellite images.
The student can explain in his own words what is meant by social media.
The student can name various national and international social media platforms.
The student can search for users, usernames, user IDs, texts, photos, videos, events and pages on Facebook.
The student can map mutual friends of two or more users on Facebook.
The student can explain in his or her own words what an e-mail header is, how an e-mail header can be opened and how an e-mail header should be examined.
The student can examine an email header.
The student can search for users, usernames, user IDs, texts, photos and videos on X (formerly know as Twitter).
The student can explain in his or her own words what the difference between a “data breach” and a “data leak” is.
The student can conduct research into (data from) “data breaches” and “data leaks”
The student is able to think “out-of-the-box” in order to find research results.
Module 1 does not pay attention to monitoring information.
The student can explain in his or her own words how research results should be recorded so that these research results can be used in legal proceedings.
The student can identify various public and commercial tools that can be used to record research findings.
The student can record research results manually and using existing tools.
The student can explain in his or her own words what information should be included in an investigation report so that an investigation report can be used in legal proceedings.
The student is able to trace the data found to the (provided) basic information.
The student is able to assess the reliability of data from public sources on the internet.
The student is able to assess the validity of data from public sources on the internet.
The student is able to assess the relevance of data from public sources on the internet.
The student is able to process data from public sources on the internet into information.
The student is able to interpret information from data from public sources on the internet in order to draw up intelligence products, which intelligence products meet specific intelligence needs.
The student has a critical attitude and does not take everything for granted.
The student can interpret research data in their context.
The student has an analytical ability to observe connections and patterns between data.
The student can translate texts into foreign languages.
The student is able to prepare clear and reliable research reports based on research questions and research results.
The student can present the reports drawn up.
The student can substantiate how research results were achieved.
Onderdeel SPEN-Registeropleiding
The OSINT-training I (Beginner) is the first of three modules that are part of the SPEN-Registertraing Certified Open Source Intelligence Specialist®.
Part of the Post HBO-Registertraining
The OSINT-training I (Beginner) is the first of three modules that are part of the Post HBO-Registertraining Certified Open Source Intelligence Expert®.
