Find Out About OSINT Data for Threat Intelligence, Recommended Tools for Security and More

In this interview with the Founder and CEO of FalconFeeds.io, which provides real-time cyber threat intelligence, we learned about the resourcefulness of Open-Source Intelligence (OSINT). 

Our guest, Nandakishore Harikumar, discussed various uses of OSINT data for the guardians of cybersecurity in solving crimes. Harikumar shared the company’s vision of providing actionable data, posting threat alerts in a simplified format, and disclosing critical information with a mission to democratise threat intelligence.

Their brave efforts have been challenged by governments and platforms targeted by threat actors, yet they work tirelessly to uphold cybersecurity.

Read on to learn more about FalconFeeds’ X account compromise, how the social media's support team responded to their urgent call, and the essentials required to succeed in this industry.

1. What inspired you to enter the world of threat intelligence and Open-Source Intelligence (OSINT)? What are some of your most interesting observations about using OSINT?

OSINT is still a vastly underutilised and misunderstood field. Despite its availability, many people don’t realise how powerful it can be in uncovering critical insights. Large-scale investigations around the world today rely on OSINT data—crimes are being solved, frauds are being detected, and geopolitical events are being tracked in real-time, all through public data.

I’ve been a practitioner of OSINT for many years, and what fascinates me most are digital human footprints and geolocation tracking. People unknowingly leave traces of themselves across the internet—posts, images, comments, metadata—and when pieced together, these fragments can reveal astonishingly accurate information.

In one of our investigations, we were able to locate multiple residences of cybercrime suspects across different countries, even when law enforcement agencies had no leads. We did this by stitching together various OSINT signals—social media metadata, background images, business records, and IP footprints. It’s a powerful testament to what open data can achieve.

2. The followers of FalconFeeds have increased by a vast number in a short span of time. We would like to know the secret behind your success and a little about your team.

The growth of FalconFeeds has been entirely organic. We built it with a singular vision: to serve the global threat intelligence community with accurate, fast, and actionable data. We were among the first to post structured threat alerts in a simplified format—making them accessible to both researchers and analysts.

One of our core beliefs is to democratise cyber threat intelligence. We wanted to make sure that critical information isn’t locked behind paywalls or walled gardens. At the same time, we’ve remained ethical—we don’t shame victims or sensationalise attacks.

However, we do operate in a grey area, and that brings challenges. We’ve even received takedown requests, including one from the Turkish government, which issued a legal notice to X (formerly Twitter) because of our reporting.

Our team is lean but highly skilled. We come from varied cybersecurity backgrounds—threat researchers, data analysts, engineers—and we work around the clock, because cyber threats don’t follow time zones.

3. Please share about FalconFeeds’ services and solutions for specific cybersecurity issues.

FalconFeeds specialises in providing real-time alerts on cybersecurity incidents with minimal false positives. Our primary differentiator is speed—we focus on making the first reliable post about an incident. Beyond that, we have built robust integrations via APIs, enabling cybersecurity firms and SIEM/SOAR platforms to embed our data directly into their workflows.

Recently, we launched a new platform called Telescope, which focuses on raw threat intelligence, spanning cybersecurity, cybercrime, and geopolitical data. While FalconFeeds filters and presents the most relevant threat updates, Telescope provides a broader raw data feed for power users and investigative researchers.

Telescope received over 250 early access requests within days of announcement, a reflection of the trust we’ve built and the growing demand for transparent cyber intelligence data.

4. FalconFeeds’s X account was breached for a few hours this January. When did your team learn about it, and what was your initial reaction? How did you bring the situation under control?

It was definitely one of the most stressful incidents we’ve faced. The breach happened through a compromised employee device, and the attackers gained control of our X account. Within minutes, they began posting fraudulent content—nearly one post every five minutes.

We discovered it within an hour and began containment immediately. It took around 10 hours in total to fully recover access. The X support team was incredibly responsive and played a key role in resolving it.

Meanwhile, we initiated a full-scale incident response—audited all systems, rotated keys, and ensured our access control and endpoint security protocols were re-evaluated. It was a wake-up call, even for a cybersecurity company. But we’re glad we handled it transparently and quickly.

5. What are the other threats that intelligence platforms often face? What are the most important requirements needed to thrive in this industry as a firm and as professionals?

Threat intelligence is not just technical—it’s political, reputational, and operationally sensitive. Platforms like ours walk a thin line between public interest and legal boundaries. Any piece of intel can be misconstrued, misused, or even weaponised.

The biggest challenge is credibility. You need to build a track record of accuracy, neutrality, and ethical reporting. Many new platforms jump in, but sustaining it requires maturity, patience, and a deep understanding of how intelligence works in real-world scenarios.

As a firm, the key requirements are:

• A strong, ethics-driven team with multi-domain expertise.
• A commitment to rapid but verified information.
• Adaptability to evolving threats and global laws.
• Building trust and credibility with your users and partners.

As professionals, we need to constantly evolve, learn, and stay ahead of attackers. Cybersecurity is not static—and neither should we be.

6. Which tools would you recommend for online security based on specific requirements?

There isn’t one tool that fits all. Depending on your needs—personal safety, enterprise defence, or investigations—the tools vary. Here are a few I highly recommend:

• HaveIBeenPwned: For checking if your credentials or email accounts have been part of known data breaches.
• VirusTotal: For scanning URLs and files before downloading or clicking.
• Shodan: For scanning exposed infrastructure and identifying IoT or industrial control systems that are vulnerable.
• Whoxy / WhoisXML API: For domain and DNS-based intel.
• Telescope(ours): For raw data on global cyber threats and geopolitics.

7. What does the cybersecurity industry demand from new employees in this field? What is your message to students who want to pursue a career in cybersecurity?

More than degrees or certifications, curiosity is the most valuable asset in cybersecurity. This is a field where attackers evolve every day—and defenders must evolve faster.

If you’re a student, here’s my message:

• Be curious: Try to figure out how things work—and how they break.
• Build something: Even small projects like phishing simulators or CTF challenges can teach a lot.
• Contribute to open source or bug bounty platforms: They give real-world exposure.
• Read threat reports: Follow platforms like FalconFeeds to stay updated.
• Most importantly, never stop learning: The moment you stop, you’re outdated.

Passion, perseverance, and ethical grounding—that’s what makes a great cybersecurity professional.