Steven Harris

Steven Harris is Cyber Threat Analyst at Protection Group International ( With a background as a detective, as crimes such as ransomware became more prominent Steven specialized in cyber crime. In his career, he received several commendations for catching groups of cyber criminals and improving the way that law enforcement respond to security vulnerability disclosures. He believes that open source investigation skills combine well with cyber security and considers it a great privilege to work in this field.

More About Steven


Like many people in this field, Steven did not start out in the security or tech industry but chose to work in this sector because it combines his existing interest in the internet and technology with the need to constantly solve problems and learn new skills.

Steven always had an interest in computers, ever since the early days of dial-up internet. The ability to find out everything and anything about any subject you wanted to learn about was incredibly interesting to him, but he hadn’t considered then how this would be useful for security.

After University Steven joined the police and became a detective. Over time the internet and digital technology featured more strongly in all types of crime and he began to use open source intelligence more and more effectively to solve cases. Its value wasn’t always so obvious though. As recent as just about ten years ago, Steven was told off by his supervisor for using Twitter to try and locate witnesses to a robbery. Fortunately, times have changed since then! 

The greatest highlights for him were the cases where he caught criminals who took great pride in their OpSec and acted as though they were never going to be caught. He always loved the challenge of these cases because if you dig deep enough you can find the gaps in their armor - there’s always some data point you can pivot from to find who and where someone is.

He spent 12 years working as an investigator in UK law enforcement and used OSINT and cyber security skills to solve some really difficult cases. In the past he's used OSINT to find missing people, expose multi-million pound internet fraudsters, and convict criminals involved in swatting, blackmail, and DDOS-for-hire services. Steven has also worked hundreds of cases where he used internet investigation skills to convict child abusers. Today, he uses the same skills to help companies all across the world see how they are exposed to a wide range of cyber security risks and help them to build their resilience.

As a teacher for SEC497: Practical Open Source Intelligence (OSINT), Steven believes there’s so much to learn in this field and it changes regularly. Teaching the class helps him keep his skills up to date and he especially enjoys learning new things as he goes. "If I teach you, you’ll get the added benefit of years of practical experience, useful anecdotes, and a few mistakes I made along the way (so you won’t have to!)"

Students have to leave a class with the ability to go out and put their new skills into action right away. Steven finds that the best way to do that is by ensuring students are guided through practical labs and that theoretical knowledge is backed up by real-life illustrations and examples that will be useful on a Monday morning.

"The amount of resources, tools, and techniques in OSINT can seem overwhelming and they change frequently so it can sometimes feel like you will never master the subject. When you’re back in your day job and struggling to solve a problem the skills taught in this course will ensure you are equipped to research, experiment and find solutions to some of the challenges you face."

Steven is a Board Member of The OSINT Curious Project and contributes to the Project’s regular webcasts and teaching materials. Over the past few years, he has written dozens of articles about OSINT on his blog at

Professional Certifications

Security +, CISMP, GOSI


Github: Office365 enumeration tool: 

GitHub: Mapping Tool that takes free text addresses and converts them to KML: