Documentacion renderizada
Esta pagina renderiza Markdown y Mermaid del modulo directamente desde la fuente publica de documentacion.
Overview#
The OSINT Providers domain manages Open Source Intelligence data providers for the platform. It implements a dynamic provider registry, tenant-specific configuration with encrypted API key storage, quota management, health monitoring with circuit breakers, and execution tracking across all integrated intelligence sources.
Key Features#
- Provider management with per-tenant enable/disable and API key configuration
- Dynamic provider registration for adding custom OSINT providers without code changes
- Multi-tier quota management with rate limiting at minute, hourly, daily, and monthly intervals
- Health monitoring with circuit breakers, success rate tracking, and response time measurement
- Execution tracking with query logging, cost tracking, and statistics aggregation
- Provider catalog with static and dynamic provider lookup
- Eight provider categories: threat intelligence, domain, IP, file, email, social, cryptocurrency, and custom
- Seven capability types: search, lookup, enrich, report, monitor, download, and submit
Use Cases#
- Registering and configuring OSINT providers per tenant with encrypted API key management
- Enforcing rate limits and spend caps to control provider usage costs
- Monitoring provider health and automatically disabling unhealthy providers via circuit breakers
- Tracking execution statistics to audit provider usage and optimize query strategies
Integration#
The OSINT Providers domain integrates with Organization for tenant isolation, User for authentication and authorization, Investigation for OSINT lookups, Alert for automated enrichment, and Entity Resolution for data enrichment. It connects to external providers including VirusTotal, Shodan, Censys, SecurityTrails, and custom threat intelligence APIs.
Last Reviewed: 2026-02-05