Rock Layers of OSINT Data Analysis

Over the past year, Mike Raggo and Chet Hosmer have performed GEO OSINT analysis of events to analyze the different types of behaviors, sentiment, and disinformation associated with them. This has enabled them to map out TTPs used by individuals and groups to twist narratives and mislead perceptions. This can disrupt an investigation and therefore requires enhanced analysis to uncover altered images, geolocation breadcrumbs, sentiment, and more to build a chronology of events. In this session, the audience will be walked through their analysis to help investigators bring further intelligence to their data acquisitions and drive deeper investigation into meaningful artifacts. Demonstrations will also be included to brighten the methodologies used for the analysis.

Learning Objectives

  • Steps to performing GEO OSINT analysis
  • How to uncover disinformation, TTPs, and sentiment 
  • Using the data to assemble a chronolocation of bread crumbs critical to the investigation


Chet Hosmer is an assistant professor of practice at the University of Arizona. He is the Founder and Technical Author at Python Forensics, Inc. a non-profit organization focused on the collaborative development of open source investigative technologies using the Python programming language. Chet has been researching and developing technology and training surrounding digital investigation, forensics, data hiding, steganography and cyber security for over two decades. He has made numerous appearances to discuss emerging cyber threats including National Public Radio’s Kojo Nnamdi show, ABC’s Primetime Thursday, NHK Japan, CrimeCrime TechTV and ABC News Australia. He has also been a frequent contributor to technical and news stories relating to cyber security and forensics and quoted by IEEE, The New York Times, The Washington Post, Government Computer News, and Wired Magazine. Chet delivers keynote talks on various cyber security related topics around the world each year.


Mike Raggo has over 20 years of security research experience. During this time, he has uncovered and ethically disclosed vulnerabilities in products including Samsung, Checkpoint, and Netgear. His research has been highlighted on television’s CNN Tech, and numerous media publications including TIME, Forbes, Bloomberg, Dark Reading, TechCrunch, TechTarget, The Register, and countless others. Michael is the author of Mobile Data Loss: Threats & Countermeasures and Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols for Syngress Books co-authored with Chet Hosmer, and is a contributing author to Information Security the Complete Reference 2nd Edition. His Data Hiding book is also included at the NSA’s National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI, Pentagon, and Queensland Police; is a former participating member of FSISAC/BITS and PCI Council, and is a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, HackCon Norway, and SANS. He was also awarded the Pentagon’s Certificate of Appreciation.

Upload Image...