Call: Open Source Intelligence (OSINT) processing capabilities

NATO – NCIA (NATO Communications and Information Agency), Brussels

The NATO Communications and Information Agency (NCIA) is conducting market research to identify potential sources and gather information regarding industry capabilities, through eliciting industry views on the envisioned services for Open-Source Intelligence (OSINT) Processing Capabilities to inform the project requirements. This Request for Information (RFI) is issued solely for informational purposes and does not constitute a Request for Proposal (RFP), Request for Quotation (RFQ), or invitation for bid.

Planned Solicitation Closing: 13/02/2026

1. Background: The NATO Communications and Information Agency (NCIA) aims to support the Open-Source Intelligence (OSINT) community by providing a scalable capability to collect, process, and exploit Open-Source Information (OSINF). This capability will enable OSINT analysts to access and analyse the information required to satisfy the Commander’s critical intelligence requirements at the speed of relevance.

To stay abreast of the rapid developments in data collection and analytics, NCIA requires a scalable contractual mechanism that comprises of best-in-class industry solutions. The successful Contractor must offer the flexibility to access diverse data sources and analytical technologies while maintaining a stringent focus on the security aspects.

2. Scope: The overall scope of the OSINF processing capabilities can be split into five main areas:

a. Managed Attribution Service

i. The managed attribution capability will ensure that an OSINT analyst can tailor their online presence and digital footprint, both manually and automatically.

ii. This allows them to access websites that may otherwise only show chosen, alternative content for foreign browsers – or be blocked entirely – based on the request parameters (region, platform, language etc.).

iii. Additionally, it enables analysts to elude tracking mechanisms used by content providers, thereby guaranteeing operational security and protecting topics of interest.

b. OSINT Platform

i. NCIA requires a front-end platform for OSINT analysts on both unclassified and classified networks, through which, on the unclassified network the service provider will act as the main broker for data and analytics accessible on the surface web and commercial subscriptions.

ii. The OSINT processing capability will leverage the most advanced automated analytical techniques providing clear insights and enabling analysts to set repeatable, shareable queries.

iii. Such techniques may include: • Anomaly detection • Geolocation • Automatic geolocation extraction • Heatmap or cluster generation • Filtering • Facial recognition • Automatic named entity recognition and classification • Identification of relationships and linkages between entities • Identification of deepfake or AI-generated content • Optical character recognition • Transcription and translation services for data services, including, but not limited to, videos, audio, and images.

iv. The capability will automatically log and enrich retrieved data to ensure discoverability, analysis, and fusion, and enable collaboration within and across teams as needed.

v. This platform must provide access to third-party services or data, both directly and through APIs.

vi. The plan is to enable search and query functionality across all data sources, with the additional ability to use individual vendor tools as needed for specialist queries and analytics.

c. Data Acquisition and Collection Services

i. The services will include sources of information that require participation in specific groups or channels, messaging platforms, blogs or forums, necessitating the use of targeted crawlers.

ii. The capability will enable access to relevant and desired data from a wide range of sources including, but not limited to: • Traditional media • News aggregators • Social media • The surface, the deep, and the dark web • Ad-tech data • The Internet of Things (IoT) data • Blockchain analysis • Grey literature and periodicals • Commercial foundational military equipment and installations • Unit and organisational data sets • Events data (including military, terrorism, serious and organised crime, protests and riots) • Assured country baseline data • Cyber threat information • Archived or deleted webpages • Online air and maritime traffic • Any relevant new and emerging data sources