Protective Intelligence in Estate Security

(NOTE: This is an abbreviated excerpt from "Estate Security Hacks." Want to download the full article & 21-page PDF? — Click Here


Defining Protective Intelligence

For this article, I'm going to borrow a definition for protective intelligence from the writers at Protective

"Protective intelligence is an investigative and analytical process used by protectors to proactively identify, assess, and mitigate threats to protectees."

That's what I mean in this article when I use the term "protective intelligence!"

Open source intelligence (OSINT) feeds protective intelligence programs a steady diet of information, 24 hours per day. Most of this is empty calories, some of it is red meat, but we don’t know until it’s collected and evaluated.

Real-time social media monitoring (including by geographic location) is the single most practical and effective protective intelligence practice that any estate security program can implement. Anything news worthy (shooting, bomb threat, road closure, earthquake, etc.) is reported on Twitter, Facebook, and Instagram before EMS or the local news have time to put out a bulletin.

You could spend $1,000’s for a yearly subscription to one of the many companies that provide platforms which make this a simple process, or you could use tools that are free.

Why to Consider a Paid Platform

The only feature that matters is key-word alerts, especially those based on geographic location (and there’s no free service that does this). If I can get an alert when people are mentioning the police or EMS within several miles of the principal’s location, then I’m in a prime position to get a head start on mitigating potential threats that may impact the principal. Here is a list of all of the social media monitoring platform companies that were represented at the ASIS annual trade show this year: Thred, LifeRaft, SamDesk, Dataminr, Echosec, Babel Street, and a few others that aren’t worth your time.

I am not an advocate for any particular platform because I think there are better platforms in the works as we speak. That said, any of the above platforms should meet the standards of any residential security program.

I’m Cheap and I Don’t Want to Pay

Well, you can actually collect a decent amount of information from geography based social media posts, without using a paid service–you’re just going to have to work a little harder. Below are several links that allow you to view social media posts by geographic area:

  1. Twitter Advanced Search (plug in coordinates/city for geographic search)

  2. Tweet Map

  3. YouTube Map

  4. Periscope Map

*To some degree, users are more conscious about location settings, privacy, and geotagging of their activities, which may be why Instagram no longer has a map view feature. However, a large number of users remain either ignorant or otherwise happy to share their personal information with the public.


OSINT, Risk, and Protective Intelligence

Again, the line is blurred between where each of these starts and ends: our risk assessment, OSINT investigations, and protective intelligence.

Here, I am going to outline 3 key areas that executive protection managers and estate security professionals should lend attention to as it relates to protective intelligence.

  • Maps & satellite imagery

  • OSINT information linked to the estate

  • Digital privacy (countermeasures)

Since you’re the refined executive protection specialist that you are, you have already viewed images of the estate you’re protecting via every online medium. You did that because you needed that information in your initial risk assessment and any subsequent reassessments. But in case you wanted to review once more, what the adversary can see, then I suggest you consider the following.

Side note: Why does this matter? It matters because any creep can remotely survey the estate, outline likely security vulnerabilities, and identify vehicles associated with the estate, all without leaving their parents’ basement. Also, the information located via these open sources is constantly changing and should be reviewed periodically as part of your risk assessment. You need to know the principal’s attack surface don’t you?

Second side note: if you’re bored out of your mind in a command center, what do you have to lose? Try the following.


Homework Assignment #1

  1. Go to

  2. Click the “Tools” category near the top of the page - Click “Satellite Views” in the left side bar

  3. Bam! There’s access to 29 different views, perspectives, and insights about your estate.

* If you’re going to use the “submit all” function on this page (which is most efficient), you need to be using Firefox.


Our next area of concern is OSINT information connected to the estate. This would revolve around information connected to the estate address and the residents’ names. This is a massive research project and it would require 10,000 words to explain. But you would ideally start with the address, and the residents’ names, then go from there. Read on…

Homework Assignment #2

  1. Go to Purchase OSINT Techniques, 5th Edition

  2. Once you have the book in your possession, use every relevant tool in this book (starting from page 1) to search your two pieces of information (address and names).

  3. Then expand as necessary, as you uncover more information connected to the address & residents. Reminder: follow Bazzell’s advice, don’t forget to use alias accounts and a VPN!

*Disclaimer: I don’t have any partnership with Intel Techniques or Michael Bazzell, it just happens that he has one of the best products/books/podcasts out there for learning & practicing OSINT.

This will take you 2 weeks to do, but once you’re complete, you’ll have a (relatively) advanced understanding of OSINT research. Plus, your risk assessment will be more in-line with reality once you understand the principals' online presence. You will have some work to do in addressing the issues that you uncover during your research, but this is the most rewarding part!

We’re almost there.


Homework Assignment #3

Your next assignment is to take proactive measures to minimize the online presence relating to those two pieces of information that you’ve been searching (address/names).

Let it suffice to say that it is ideal for there to be no information online (or in public documents) connected to the address or residents.  But since that’s a fantasy, it would be more acceptable for there to be information about the address/names online, provided that it is disinformation. It would take some work, but it’s doable. Even Wikipedia can be fed disinfo!

Sorry, but I'm recommending one more book by Michael Bazzell. Check out "Hiding From the Internet." It's a phenomonal book about digital privacy.


Thanks for reading!

PS: Did you miss the “Estate Security Hacks” 21-Page PDF that I published? —Access it here.


About the EP Nexus Blog

The EP Nexus executive protection blog, is a comprehensive resource for security professionals involved in executive protection, protective intelligence, threat assessment, and related fields.

Launched in March of 2016 as a resource for executive protection professionals, command center gurus, and close protection know-it-alls, EP Nexus is quickly becoming a resource for those seeking to quench their thirst for executive protection reading.

The most popular section of the blog is Executive Protection HacksEP Hacks is a series in which we address complex topics (one topic per issue) in a convenient collection of tools & writings. I am actively collaborating with industry leaders to produce future issues. If you're interested in taking an active approach in moving your industry into the future, contact me below.

Outside of EP Hacks, I explore the following topics in writings, tutorials, and webinars: online tools for executive protection professionals, open source intelligence investigations (OSINT), threat assessment, protective intelligence, travel security, and more.

Sign up for the newsletter to receive premium content and monthly updates.