Blog
Notes from the team
Field notes on OSINT engineering, alert fatigue, the messy reality of geographic risk monitoring, and the occasional product update.
environmental-risk-intelligence
sanctions-compliance-automation
Maritime Security: Advanced Vessel Tracking and Anomaly Detection
Geopolitical Risk Monitoring for Global Supply Chains
Using geographic event intelligence to proactively manage supply chain disruptions.
Aircraft Tracking with OpenSky: Military Squawks, Emergency Codes, Pattern-of-Life
How to consume OpenSky Network's free ADS-B feed for situational awareness around airfields, sensitive sites and conflict zones. Squawk-code alerts, emergency-code detection, pattern-of-life baselines.
Build vs Buy: When to Roll Your Own OSINT Stack vs Use a Platform
Honest framework for deciding whether to build an in-house OSINT monitoring pipeline or use a managed platform. Cost analysis, time-to-value, hidden engineer-month tax.
Real-Time CVE Monitoring with the NVD API
How to consume the NIST National Vulnerability Database in real time, filter to your stack, score by CVSS + EPSS exploitability, and route to the right Slack channel. Practical free starter.
Building a Disaster Awareness Dashboard with GDACS and ReliefWeb
GDACS bulletins + ReliefWeb humanitarian briefs combined give NGOs, insurers and supply-chain teams 24/7 disaster awareness with population-exposure scoring. Practical wire-up + filter patterns.
Earthquake Early Warning for Operations Teams: A Practical OSINT Guide
How to wire USGS + EMSC + JMA + GeoNet into a single seismic alert pipeline for refineries, supplier facilities and field operations. Latency benchmarks, severity tuning, free starter stack.
Using GDELT for Real-Time Conflict and Geopolitical Monitoring
GDELT 2.0 ingests every major-language news article worldwide, geocoded and tone-scored. Here's how operations and security teams turn that firehose into actionable conflict + geopolitical risk alerts.
Geofencing for Enterprise Risk: How Watch Zones Transform Operational Awareness
Why geofencing is the layer that turns OSINT firehoses into useful enterprise risk alerts. Patterns for refineries, ports, pipelines, country borders and what to avoid.
Why Every Alert Needs an LLM-Generated Explainer (And How to Do It Cheaply)
Attaching a one-paragraph LLM explainer to every alert cuts mean-time-to-action by 60% and is the single highest-ROI feature in modern OSINT monitoring. How to wire it for under $0.001 per alert.
Maritime Intelligence: Tracking Vessels and Port Risk with AIS Data
How AIS vessel tracking, port congestion analytics and dwell-time alarms work — and how to wire them into a production maritime intelligence system without a six-figure data subscription.
Designing a Real-Time Operational Risk Dashboard: Lessons from 50+ Deployments
What works and what fails when building an operational risk dashboard for supply chain, security and crisis teams. Layout, severity colour, alert triage UI and the one mistake every team makes.
Real-Time Sanctions Monitoring: OFAC, EU and UK Consolidated Lists
How compliance and supply-chain teams catch new sanctions exposure within hours of designation. OFAC SDN diffs, EU FSF, UK OFSI feeds, deduplication and false-positive filters.
Wiring NOAA Severe Weather Alerts into Your Operations Stack
How to consume NWS CAP feeds, NHC hurricane advisories and OpenWeather severe-weather alerts in one normalised pipeline. Geofencing patterns for refineries, distribution centres and field crews.
How to Monitor Supply Chain Disruptions with Open-Source Intelligence
Build a real-time OSINT supply-chain monitoring stack with public feeds — AIS for vessels, GDELT for strikes and sanctions, NOAA + NWS for severe weather. Practical patterns plus a free starter setup.
Tracking Disease Outbreaks with WHO Disease Outbreak News (DON)
How public-health, biosecurity and supply-chain teams catch outbreak signals early. WHO DON feed, ProMED, HealthMap, syndromic severity scoring, geofencing patterns.
Wildfire Monitoring with NASA FIRMS: A Practical Guide
How to consume NASA FIRMS VIIRS + MODIS active-fire detections, geofence them to pipelines, refineries, distribution centres and field crews. Latency benchmarks + false-positive filters that work.
Why we built Augur
Operations teams are drowning in 20 different OSINT feeds. We built Augur to merge them into one geofenced, AI-explained stream.
Killing alert fatigue with severity thresholds
Most alert systems fail because they fire on everything. Here's how Augur computes a normalised 0–100 severity score and why per-zone thresholds matter.
Polygons beat circles (most of the time)
Circles are easier to draw. Polygons match real assets — port basins, country borders, pipeline corridors. Here's when each shape wins.
AIS dwell-time alerts: catching vessels that loiter
Vessels parked over a subsea cable, idling near a sanctioned port, or backed up at a chokepoint are the actually-useful AIS signal. Here's how we wire dwell-time alarms.
Why every Augur webhook is HMAC-signed
Anyone who knows your webhook URL can forge a payload. HMAC signing lets your downstream code verify origin in three lines. Here's how we do it.
Anatomy of the Augur ingest stack
Postgres for state, Node workers for adapters, a service-role Supabase client for cross-tenant writes. The full pipeline from poll-loop to canonical_events.