OSINT in Action: Safeguarding Major Sporting Events with Open-Source Intelligence

Vanja Susnjar

 In North America, major professional sports leagues like MLB, NBA, and NHL games draw millions of fans each season, creating thrilling atmospheres, anticipation, and excitement that brings communities together. But beyond the scoreboard and excitement lies an unseen team of security professionals dedicated to protecting the fan experience and personal safety. One critical aspect of a physical security strategy is Open-Source Intelligence, or OSINT, which plays a key role in protecting large-scale events. 


Monitoring Public Spaces for Security

OSINT involves gathering and analyzing publicly available information from various online sources to assess potential risks. Think of OSINT as online research, assessment and monitoring of social media platforms, public websites, and message boards to uncover issues impacting an organization’s safety, assets, or interests. At large sporting events, this means monitoring social media platforms like Facebook, Instagram, X (formerly Twitter), TikTok, and Reddit—spaces where fans share their excitement but also where potential threats can emerge.


Even seemingly harmless social media posts can raise red flags. By using a combination of advanced software and human expertise, OSINT teams continuously monitor online activity, identifying posts that could signal security risks. Analyzing this information in real time allows for swift action, whether it’s determining the credibility of a threat or coordinating with emergency services to prevent an incident.


Keyword Searches and Geofencing

Two of the most powerful tools in OSINT are keyword searches and geofencing. Given the sheer volume of social media posts during a major event, manually reviewing each one is impossible. That’s where well-structured keyword searches come into play, efficiently filtering out irrelevant content and zeroing in on potential threats.


  • Primary Keywords include key event details, such as the venue name, city, team names, players, and any VIPs in attendance.
  • Secondary Keywords focus on terms that, when paired with primary keywords, could indicate a threat—words like "knife," "gun," "bomb,", “harm”, or "kill." When combined with primary keywords, these terms trigger deeper scrutiny. 
  • Exclusion Keywords are used to filter out common terms that would otherwise clutter the search results. For example, “stolen base” is common in baseball but irrelevant to security concerns.



Geofencing further enhances the accuracy of OSINT by setting a digital boundary around the event venue. Using metadata from social media posts, geofencing pinpoints activity happening in or near the stadium, allowing security teams to focus on posts from individuals physically present at the event. If someone inside the venue posts something suspicious, it rises to the top of the search results, enabling faster responses.


From Red Flags to Real Threats

When a suspicious post is flagged, the investigation begins. It’s crucial to determine whether the threat is credible or just noise. This often involves analyzing the poster’s online history and connections to gauge their intent. Even anonymous accounts can be traced using OSINT techniques, providing valuable insights into whether the person behind the post, had a history of making threats.



If a threat is determined to be credible, OSINT teams work closely with on-site security, law enforcement, and emergency services to coordinate a response. In some cases, facial recognition technology is used to locate individuals within the venue, allowing security teams to intervene before a situation escalates.


A Critical Layer of Protection That Keeps Evolving

In today’s hyper-connected world, OSINT has become a vital tool in ensuring the safety of large-scale events. The ability to monitor online posts and identify threats in real-time is a proactive approach to security that helps prevent potential dangers before they become serious. And this approach isn’t limited to sporting events—it’s also used at concerts, festivals, and other high-profile gatherings.


As online threats continue to evolve, OSINT’s role in event security will only grow more important. By keeping a pulse on digital spaces and working in tandem with security teams, OSINT ensures that fans, athletes, and attendees can enjoy events without worrying about their safety. When fans head to the stadium, they’re there to watch a game—not deal with potential hazards. Thanks to the behind-the-scenes efforts of OSINT, the focus stays where it belongs: on the action.


OSINT Tools You Can Use Today 

Security professionals involved in monitoring online threats for large-scale events can take advantage of several free OSINT tools to enhance their capabilities. 


1. Google Alerts

  • Purpose: Keyword-based monitoring of the web.
  • How to Use: Set up alerts for relevant keywords, venue names, or potential threats. Google Alerts will send notifications whenever new content appears online related to the chosen keywords.
  • Link: Google Alerts


2. Google Lens

  • Purpose: Reverse image search of people, places and things.  
  • How to Use: Upload photos of people, places and things to retrieve linked information such as social media profiles and locations, which can provide intelligence on a person of interest. 
  • Link: Google Lens


3. Have I Been Pwned?

  • Purpose: Email and password breach checker.
  • How to Use: Security teams can check if any staff emails or relevant accounts have been compromised in past data breaches, which could indicate an increased risk of phishing or social engineering attacks.
  • Link: Have I Been Pwned?

Protecting Business Leaders- The Rising Demand for Executive Protection Programs

By Mitesh Shah February 4, 2025
Introduction High-profile executives and business leaders today are facing an uptick in targeted threats, ranging from stalking to fatal attacks. The recent kidnapping of WonderFi’s CEO, the assassination of UnitedHealthcare’s CEO, and the stalking incident involving Apple’s CEO all highlight the serious threats executives face both at work and at home. Beyond the fear, physical harm, and unfortunate loss of life, such incidents can inflict severe financial and reputational harm on the organizations, causing disruptions in leadership, shareholder confidence, and overall business operations. These recent high-profile incidents have highlighted a sobering truth: high-profile executives and business leaders are increasingly under threat. These unsettling cases are prompting more organizations to reassess the importance of an Executive Protection Program (EP) —a program designed to protect executives, mitigate risks, and safeguard their personal well-being regardless of their whereabouts. The benefits of Executive Protection measure far beyond traditional security. A well-trained EP Agent functions as an extension of your existing team, streamlining travel arrangements, and reducing scheduling complications, so executives can focus on what they do best without unnecessary interruptions. Background: An Evolving Risk Landscape The modern world brings unprecedented access to information and widespread visibility of public figures, which magnifies potential threats—from disgruntled former employees to opportunistic criminals. The Ontic Center for Protective Intelligence conducted a survey of more than 300 senior executives and found that between 2003-2021, there were 206 total reported incidents against senior leaders – 86% of them being physical attacks. The potential fallout includes not just personal harm but business disruption, damaged brand reputation and potential legal liabilities. At least 33% of these senior leaders, did not have executive protection personnel present at the time of the attack ( Ontic, 2021 ). While these cases are extreme, they illustrate the kinds of risks executives consistently face. Heightened Vulnerabilities for C-Level Executives Most CEO’s do not want security for a myriad of reasons. From undercutting their reputation, being bad for business or simply finding it unnecessary, security doesn’t take precedence. The reality is these individuals typically manage medium to large scale organizations and hold valuable intellectual property and assets. The nature of their work, their profile, and their personal wealth all make them prime targets for: Physical attacks Kidnapping and ransom attempts Cyberstalking and harassment In November 2024, the CEO of the Canadian crypto firm Wonderfi, Dean Skurka, was kidnapped in broad daylight, held for ransom, only to be released unharmed upon having the ransom paid ( CBC, 2024 ). But cases like this one are becoming increasingly common as we live in an age of digital information. Details such as where a CEO works from, has lunch or a drink, is open-source knowledge for those who know where to look. Criminals are getting smarter at tracking their targets, understanding their lifestyle, before carrying out their attacks. The next critical step for organizations is to turn these insights into actionable strategies—namely, the core elements of an executive protection program.

Who is Empire Protection?

By Mitesh Shah February 12, 2024
Empire Protection is a leading protection and intelligence firm based in Toronto, Canada. Founded in 2017, Empire was born after the founders, Mitesh Shah and Neil Persaud, noticed a gap in the industry: security companies were prioritizing scaling their business over training their security guards, compromising the safety of their clients and guards. Specifically, these security companies offered minimal to no training, while their employees worked in high-risk environments without understanding the threats they faced. Determined to challenge this norm, Empire’s founders envisioned a boutique security firm that not only met the needs of its clients but prioritized professional training for their team. Our training strikes a balance between hard and soft skills. Today, Empire Protection is a testament to this vision, having established a proven track record for delivering high-quality protection services across Canada. By leveraging a well-trained guard force, backed by innovative security technology, Empire Protection has carved out its share in a saturated and overcrowded market. Currently, the company operates across three main verticals: 1. Security Guard Services; 2. Executive Protection and Secure Transportation; and 3. Risk Management, Training and Consultancy
More Posts
Share by: