You and Your Clients Have a Digital Footprint.
Do You Know What's In It?
The OSINT Playbook for Staying Ahead of Your Exposure
Friday, April 24, 2026, at 12PM ET
Live Virtual Session
Start with a simple exercise.
Pick any organization and spend an hour with nothing but a browser and a few free tools.
A job posting from last spring mentions the EDR platform and ticketing stack by name. DNS records surface a forgotten subdomain still pointing at an old server. A search through certificate transparency logs turns up three client domains under management. LinkedIn fills in the rest: who the senior engineer is, how long they've been there, which certifications they list.
All of it freely available, none of it requiring so much as a login.
Every organization has a footprint like this.
Job postings, DNS records, certificate logs, social profiles, old subdomains. None of it feels sensitive in isolation. Together, it assembles into a detailed map of your tools, your team, and your clients.
That's OSINT (Open-Source Intelligence) and it's the reconnaissance layer that attackers are taking advantage of whether you're aware of it or not.
The good news: the same techniques are just as powerful when you point them at yourself.
Why This Matters for MSPs
As an MSP, your position is unique. You manage multiple client environments, which means your public footprint doesn't just describe your business: it reveals details about the people you protect.
Auditing your public footprint is operational hygiene, not paranoia. Proactive MSPs do it on a schedule. Reactive ones find out about it from a client.
In this SecOps, we’re walking through what OSINT looks like in practice, how it applies specifically to MSP environments, and how you can build a repeatable process for checking your own exposure.
What You’ll Walk Away With:
1. The OSINT Toolkit: What's Out There and How To Use It
We'll walk through the most critical tools that you can start using right away like Shodan, crt.sh, HaveIBeenPwned, and Google dorking techniques. You'll see what each one surfaces, how to interpret the results, and how to use that information to close specific gaps in your
2. Real-World MSP Exposure Examples
We'll look at realistic examples of what passive reconnaissance turns up in MSP environments, like forgotten subdomains, job postings that inadvertently detail your tech stack, and credentials that have surfaced in public breach data. The goal is calibration: understanding what normal exposure looks like so you can spot the things worth fixing.
3. A Self-Assessment You Can Run This Week
We'll close with a hands-on walkthrough of how to audit your own organization's public footprint using the same free tools we've been discussing. You'll leave with a practical framework for identifying what to clean up and how to prioritize it with a repeatable process you can apply to your prospects and clients as well.
Why Join?
With AI driving the emergence of new threats more rapidly than ever before, OSINT is quickly becoming a baseline competency for anyone managing security programs internally and for clients. It’s critical you don’t get left behind.
This session gives the structure needed to learn it, practice it on your own environment, and walk away with action items you can hand to your team the same afternoon.
