Unmasking Iran’s Cyber Fronts: An OSINT Guide to IRGC Attribution
Learn how open-source intelligence connects front companies, digital infrastructure, and individuals to IRGC-linked cyber operations.

Description
Join us for a focused, live webinar examining how OSINT investigators identify and attribute cyber activity linked to networks associated with the Islamic Revolutionary Guard Corps (IRGC). This session will walk through practical investigative methods used to uncover individuals operating behind front companies, analyse corporate registrations, map digital infrastructure, and correlate online personas with state-aligned cyber operations.
Using a structured investigative workflow conducted live, we will demonstrate how open sources such as company filings, domain records, hosting data, leaked datasets, archived content, sanctions lists, and social media profiles can be fused to move from entity-level indicators to defensible individual attribution. Particular emphasis will be placed on linking seemingly legitimate commercial entities to cyber operations through infrastructure overlaps, shared identifiers, procurement patterns, and network relationships.
The webinar will also address analytical tradecraft: validating sources, distinguishing coincidence from correlation, identifying deception tactics, and documenting findings to withstand scrutiny in legal, journalistic, or intelligence contexts.
Whether you work in law enforcement, intelligence, cyber threat analysis, compliance, investigative journalism, or academic research, this session will provide actionable techniques and a disciplined framework for conducting attribution-focused OSINT investigations into state-aligned cyber fronts.