INTELLIGENCE ANALYSIS
TRAINING
A practitioner-led virtual training in intelligence analysis using open-source methods. Learn to collect and evaluate publicly and commercially available information, filter noise, and turn raw data into actionable intelligence that supports threat assessments, subject workups, and protective intelligence operations.
COURSE • Applied OSINT for Security Professionals
FORMAT
Virtual · Live Instructor-Led
Duration
4-6 hours
Class Size
1-15 participants
Investment
$500 per student
Delivery
Custom-built for your program
This course delivers a practical, real-world approach to Open Source Intelligence (OSINT) for public safety, security professionals, and executive protection teams. Students will learn how to leverage publicly available information (PAI) and commercially available information (CAI) to support threat assessments, subject workups, and protective operations.
The focus is not just on tools, but on application. You’ll learn how to identify relevant data, filter noise, and turn raw information into actionable intelligence that can inform decisions in real time. By the end of the course, students will understand how to integrate OSINT into protective intelligence workflows and produce outputs that directly support operations.
BUILT FOR
CORPORATE SECURITY DIRECTORS
THREAT MANAGEMENT PROGRAMS
EXECUTIVE PROTECTION TEAMS
SECURITY ANALYSTS
LAW ENFORCEMENT &
PUBLIC SAFETY
AUDIENCE
Who This Training Is For
Applied OSINT for Security Professionals is designed for practitioners who need to produce intelligence products — using publicly available information (PAI) and commercially available information (CAI) — and integrate them into protective intelligence workflows.
01
CORPORATE SECURITY DIRECTORS
Running physical security programs for medium to large enterprises with responsibility for threat management, workplace violence prevention, and facility protection.
02
EXECUTIVE PROTECTION TEAMS
EP agents and program managers who need structured workflows for principal exposure audits, travel advances, and counterparty vetting.
03
IN-HOUSE SECURITY ANALYSTS
Analysts building or formalizing an OSINT capability — who need tiered sourcing methodology, legal boundaries, and repeatable SOPs they can run the next morning.
04
LAW ENFORCEMENT & FUSION CENTERS
Officers and intelligence personnel who work open-source investigations and need to sharpen tradecraft, expand their tool stack, or formalize case documentation practices.
CURRICULUM
Six-Part Training
Six modules across 4-6 hours, delivered virtually with a live instructor. The focus is application, not tools — identifying relevant data, filtering noise, and turning raw information into actionable intelligence outputs.
Part 1 • 30 min
Foundations & Analyst OPSEC
OSINT defined: information vs. intelligence
Publicly available information (PAI) vs. commercially available information (CAI)
The five-stage intelligence cycle
Legal and ethical boundaries (DPPA, CFAA, FCRA)
Documenting permissible purpose
Sock-puppet setup and analyst OPSEC
Part 2 • 45 min
Building Threat Assessments
Six-step facility/site assessment framework
Target mapping and vulnerability identification
Anticipating attack methods from open-source data
Live OSINT tour of a real facility
Mini tabletop exercise
Part 3 • 90 min
Subject Identification & Full Workup
Four identification scenarios: phone, email, in-person, anonymous social
Full tool stack demo (TruePeopleSearch, IntelX, FaceCheck.id)
Breach data and leaked credentials as identification vectors
Username enumeration and social graph mapping
Building a complete subject dossier: associates, addresses, criminal record, breach data
Producing a subject card with citations and source documentation
Part 4 • 30 min
Insider Threat
Running an OSINT sweep on a flagged employee
Legal limits: what you can and cannot do
Cross-functional handling with HR and legal
Structuring findings to protect the organization
Part 5 • 45 min
Executive Protection & Travel Security
Principal exposure audit workflow
Six-step travel security assessment framework
Global OSINT resources (State Dept, OSAC, GDELT)
Live travel workup exercise for your own program
One-page principal brief vs. detail brief format
Part 6 • 45 min
Operationalizing OSINT at Your Organization
OSINT SOP template your team runs immediately
Tiered tool stack recommendation (free → paid)
Reporting procedures and audit trail documentation
CISA, fusion center, and government resource integration
Q&A and action items
What Participants Leave With
OUTCOMES
Concrete deliverables, not just familiarity. Every module ends with a usable product your team can apply the following week.
01
Repeatable Threat Assessment Workflow
A six-step framework for facility and event assessments that produces a defensible intelligence product every time.
02
Subject Identification & Workup Playbook
Workflows for both identifying unknown subjects from minimal starting information and building a complete subject dossier — associates, addresses, criminal record, and breach data — with full source documentation.
03
Written OSINT SOP
A one-page standard operating procedure — intake through deliverable — tailored to your organization’s tools, permissible purposes, and reporting chain.
04
Protective Intelligence Integration
A clear framework for how OSINT collection using PAI and CAI feeds directly into protective intelligence workflows — travel advances, principal exposure audits, and EP operations.
05
Travel Security Report Template
Principal brief and detail brief formats your EP team can execute for any domestic or international engagement.
06
Vetted Tool Stack
A tiered list of free PAI and paid CAI resources, organized by use case, with guidance on permissible use and documentation requirements for each.
INSTRUCTOR • FOUNDER • SEMPER INCOLUMEM
Matt Helmkamp
Matt Helmkamp founded Semper Incolumem after a career in law enforcement and intelligence. He has produced threat assessments, executive protection intelligence, and travel security products for organizations across the public safety, corporate, and private sectors.
This training is built from the same analytical methodology SI uses in live client engagements — not a vendor curriculum or certification program. Every virtual exercise uses real tools, real scenarios, and the same standards Matt applies to analyst-produced work.
Each engagement is customized before delivery: Matt reviews your current program, existing gaps, and recent incidents so the scenarios reflect your actual operating environment, not a generic use case.
Taught By Analysts. Not Trainers.
WHY SI
The difference between intelligence analysis training and intelligence analysis tradecraft is whether the instructor is working cases right now.
Concept-heavy survey courses built around frameworks. Certification-oriented. Taught by educators who aggregate what practitioners publish. No access to real analytical workflows, no understanding of your specific program or threat environment.
Generic Analysis Training
Instruction from an analyst actively producing threat assessments, EP intelligence, and travel security workups for clients — using open-source methods. Your team sees the same analytical methodology, the same tools, and the same documentation standards used in live engagements. Scenario-built for your program before the first session.
Semper Incolumem
This course delivers a practical, real-world approach to Open Source Intelligence (OSINT) for public safety, security professionals, and executive protection teams. Students will learn how to leverage publicly available information (PAI) and commercially available information (CAI) to support threat assessments, subject workups, and protective operations.
The focus is not just on tools, but on application. You’ll learn how to identify relevant data, filter noise, and turn raw information into actionable intelligence that can inform decisions in real time. By the end of the course, students will understand how to integrate OSINT into protective intelligence workflows and produce outputs that directly support operations.
OUR SERVICES
Interested in Ongoing Capability?
Organizations that complete training often continue with SI’s Intelligence Platform for continuous situational awareness, or commission custom Threat Assessment Reports when specific subjects or events require analyst-driven products.