Cyber Intelligence for High-Value Individuals

An adversary needs 60 minutes to build a complete profile of you.

In under an hour of open-source research, we reconstruct what an adversary already knows about you.

The data brokers don't wait. Neither do attackers.

EU Jurisdiction
GDPR Native
OSINT Only
NL · DE · AT · CH · GB
0 Minutes to profile
0 Exposure categories
5 EU jurisdictions
100% Open source only
The exposure

What is already out there.

Before any approach, the groundwork is done using public sources alone. It requires no special access — only the right methodology and enough time.

01
Home address
Confirmed via public property registries and open geospatial data
02
Credentials
Recoverable from historical breach datasets, some over a decade old
03
Pattern-of-life
Reconstructed from fitness platforms, conference listings, and social media
04
Family exposure
Spouse and children — often more visible online than the principal
05
Social engineering vectors
The entry points a motivated actor uses first — pretext, impersonation, phishing triggers

You don't know what an adversary already knows about you. That asymmetry is the risk.

How we work

Three steps. No noise.

Every engagement follows the same disciplined methodology — the same one a real adversary would use, applied to your benefit.

01

Collection

Systematic open-source intelligence gathering across public registries, breach data, social platforms, geospatial sources, and corporate filings. We map the full surface before analysis begins.

02

Analysis

Raw data becomes finished intelligence. We model the most likely attack and the most dangerous one — so you know what to close first.

03

Delivery

A structured intelligence report — sourced, calibrated, actionable. What is exposed, what it enables, and what you close in the next 48 hours. Delivered encrypted. Destroyed after confirmation.

The output is not a security scan. It is finished intelligence: the analyst's judgement on what an adversary would prioritise, and why. GDPR-native. European methodology. No data leaves your control.

Who we work with

Built for principals with something to protect.

Our work is not for everyone. We operate within a defined client profile and maintain selective intake to preserve analytical quality.

Executives

C-suite and board-level principals at European companies — particularly those with public profiles, M&A activity, or operational security mandates.

Entrepreneurs

Founders and investors whose personal identity is inseparable from their business — and whose exposure therefore carries direct commercial risk.

High-net-worth individuals

Private individuals whose lifestyle, assets, or family situation creates a target profile — often without their awareness.

Family offices

Organisations responsible for the security of a principal and extended household. We work directly with security directors and estate managers.

Engagements

Three levels of exposure management.

All engagements are scoped during the initial briefing. Pricing is not published — it is discussed after fit is established.

Level I

Exposure Audit

  • Individual executive — single principal
  • 16 exposure categories
  • Breach data and data broker mapping
  • 5-day delivery
  • Structured PDF report
  • Closing briefing call
Fixed scope, fixed fee
Apply for Level I →
Level III

Retainer

  • Continuous monitoring cadence
  • Quarterly full reassessments
  • Incident-triggered rapid review
  • New exposure alerting
  • Dedicated analyst access
  • Annual threat landscape briefing
Annual contract
Apply for Level III →
Proof of work

See the output before you decide.

We have produced a full-engagement sample report — a complete digital exposure audit of a fictional executive, using our standard methodology.

Digital Exposure Assessment
OFPRO-2024-047  ·  RESTRICTED  ·  John Doe (fictional)
Classification: CONFIDENTIAL
Home address
Credentials 3 exposures ·       active · oldest 2017
Pattern-of-life
Family surface Spouse LinkedIn visible · school location      
Risk score
High Risk Active Credential Location Confirmed Pattern-of-Life Mapped Family Exposure

The complete report covers all 16 exposure categories, with adversary modelling, risk matrix, attack chain narrative, and prioritised recommendations.

Download the full sample report (PDF) →
Questions

Frequently asked.

Exclusively open-source intelligence (OSINT): public registries, breach databases, social platforms, geospatial data, WHOIS records, corporate filings, news archives, and data broker aggregators. We do not use hacking, intrusion, or any non-public access method.

Yes. All methods are limited to publicly available information — the same sources any journalist, recruiter, or adversary could legally access. We operate within EU jurisdiction and comply with GDPR throughout the engagement lifecycle.

Reports are delivered encrypted via a time-limited secure link. After your confirmation of receipt, our copy is permanently deleted. We do not retain client data beyond the engagement window — by design and by policy.

A Level I Exposure Audit is delivered within 5 business days of intake confirmation. Level II Full Assessment takes 10 business days. Retainer cadences are agreed during the contract phase — typically quarterly reassessments with continuous monitoring between them.

Our primary operating area is NL, DE, AT, CH, and GB. We can assess principals based elsewhere, but our methodology is optimised for European exposure infrastructure. Contact us to discuss your specific situation.

The Analyst

One person. No juniors. No outsourcing.

Every OF-PRO engagement is conducted personally by a single analyst — from first contact to final report. No delegation. No automated output dressed as intelligence.

  • Military veteran — verkenner, armed forces background
  • Close Protection Officer, CPO Level 4
  • OSINT methodology — structured, source-documented, reproducible
  • GDPR-native approach — data minimisation by design, EU jurisdiction
  • Solo operator — one analyst, one methodology, full accountability

If that matters to you — that the person reading your brief is the same person who wrote the report — that is why OF-PRO exists.

Access

Apply for intake.

Currently accepting Q3 2026 engagements
Intake is selective — we take on a limited number of new engagements each quarter.

A 30-minute conversation. No pitch. We establish whether there is a fit — and what the engagement looks like.

Application received — we will respond within one business day.