An OSINT threat assessment of the Islamist insurgency in Cabo Delgado

Flag of Mozambique.


I was requested this report by a client, given a 2-day timeframe to collect, analyse, and report on the then-unfolding Cabo Delgado’s insurgency events following the attack on Palma, March 24, 2021.
The intelligence requirements were (1) to research the regional threat and (2) to understand the security implications of the insurgency by using publicly available information.


  1. For a matter of time and scope, this report does not cover:
  • Other actors involved (e.g. PMCs);
  • More detailed maps of the then-current situation, evidencing areas controlled by the insurgents and the alleged hubs for infiltration/recruitment/training;
  • A deeper profile of the insurgents’ capabilities…

The need for the intelligence cycle, a basic workflow, and some tradecraft on how to investigate people and organisations between OSINT and HUMINT.

Photo by Killian Cartignies on Unsplash

Foreword: I am still looking for a job but — hey! It’s beautiful to learn along the way

During my job search for an intelligence role, I have been tasked with the most varied requests and assignments, sometimes for a 3-day test rush, other times for a few hours. Well, enough to finally understand a clear methodology is much more needed than an in-depth knowledge of a particular geographic area or industry (not that this is irrelevant but a good thinking system comes first — there is a limit to the information your brain can store, so it seems more efficient to invest in methodology).
All this really applies when investigating people. Humans are wonderful: huge servers of…

Open-source information allegedly shows Russia amassing military hardware close to the Ukraine border amid NATO’s concerns. How an OSINT methodology can help moving beyond information, to intelligence?

Credit:[Dave Mustaine/EPA/EFE],

BLUF (Bottom Line Up Front)

Since at least March 27, 2021, Russia appears to be amassing military hardware near the Ukraine border as tensions arise in the Donas region. NATO condemns this military build-up, while Russia warns the escalation could destroy Ukraine.

Rising tensions in Donbas

Tensions have been escalating in the Donbas region in the last days of March 2021 as Russia appeared to be moving military hardware and establishing supply lines near the Ukraine border, allegedly in accordance with the preparation for exercises and to maintain combat readiness. This explanation is not agreed upon in Kyiv, which has labelled Russia’s posture as openly aggressive and threatening.


I started writing this as a post for LinkedIn to say “Hey, I can do this stuff and need a job!”. Then, it turned into a kind of write-up of my current job hunting experience: using intelligence to land a job in the intelligence industry (or anywhere).

Everyday tradecraft applied

I am looking for the next role in the intelligence and security arena, have done interviews, tests, and several informal calls, building my network with love and patience. Opportunities will come, I know. Yet, I cannot live on fresh air, therefore I am continuously searching for other openings in the meantime, which is not an easy task (add some restrictions and generalised business hardship everywhere to the recipe, and serve cold).

It happens that traditional means such as Indeed and Glassdoor, or even LinkedIn, are not enough in this historic moment, so I have to resort to some…

Geolocation, pivoting, collaboration: these are the main ingredients of this write-up, which is based on a Webinar hosted by the GIJN on November 27–28, 2020, but that has become an interesting battleground for an OSINT beginner like me to dive deeper in some strategy & tactics.

Some notes I took at a webinar on OSINT

This is my second piece ever on OSINT, within a series I have pompously named “OSINT from scratch”. Previously, I have written a very basic beginners’ intro to some tools and techniques I have used (at the end of September 2020) to monitor the outbreak of the conflict in Nagorno-Karabakh.

The general purpose of these blogs is to share my first step in the open-source intelligence realm with other enthusiasts and wannabes.

Namely, this article has the aim to organise the notes I have taken and then compiled during a 2-day webinar hosted by the Global Investigative Journalism Network on…

Open-source intelligence (OSINT) is the process of collecting, analysing, and reporting publicly available information in an organised fashion. When dealing with breaking events and monitoring ongoing incidents, there is a wealth of data out there and it is easy to get lost. I share here my first steps into the OSINT realm as a threat intelligence intern reporting on the Nagorno-Karabakh conflict. This is OSINT from scratch.

Open-source intelligence: more mindset, fewer tools

Open-source intelligence (OSINT) is usually depicted as a magic box of tools to uncover deep secrets into the life of people, entities, or even countries, just by having access to a Wifi, a good soundtrack in the background, and a certain dose of investigative mindset.
Like every stereotyped portrait, of course, it is not exactly like that — yet it is, in some way.

My first approach to open sources personally started when working for an investigative journal, and indeed I had no more than an Internet connection and the commitment typical of a new intern, in a foreign land…

Jacopo Grande

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store