ODSF is an open, controls-based framework for managing organization-wide OSINT exposure: what attackers can learn about an organization and its people from public information, and the controls that reduce that exposure, defend the people it targets, and detect and respond to what remains.
- Framework home: https://psysecure.com/odsf/
- Current version: 0.3.0 (Public Draft), released June 11, 2026
- In development since May 2025, first published July 2025; the version history is in the changelog
- License: Creative Commons Attribution 4.0 International (CC BY 4.0); see LICENSE.md
| Artifact | SHA-256 |
|---|---|
| odsf-v0.3.0.pdf — the complete framework, designed for reading | 40e76d39738392f4241ceaecc36c957bcc1fab1d463c578bd686025316d073b8 |
| odsf-v0.3.0.json — the canonical machine-readable edition | 2357165d1271132161e3b64c77f461f82376ab37f7e1845f73037bc951411662 |
Stable links for citation: https://psysecure.com/odsf/pdf and https://psysecure.com/odsf/json always point at the current version. Previous releases stay available in this repository (odsf-v0.2.0.pdf · odsf-v0.2.0.json), with their SHA-256s in the changelog.
| Version | Date | Milestone |
|---|---|---|
| 0.3.0 | June 11, 2026 | Public Draft. 150 controls, each with an evidence core and organization-size applicability; framework-level threat model. |
| 0.2.0 | June 10, 2026 | Public Draft. First release under CC BY 4.0; 163 controls; assessment rubric and 27-control baseline. |
| 0.1.3 | Internal only | Stabilization series on the 0.1.2 base; never exported or published. |
| 0.1.2 | July 2025 | Draft iteration, 159 controls; published July 15, 2025 to the since-retired odsf.psysecure.com catalog. |
| 0.1.1 | May 2025 | Initial public draft; framework development began May 9-10, 2025. |
Full release notes, including artifact SHA-256s for every published version, are in the changelog.
This repository is the official home of ODSF releases: each version's designed PDF, the canonical machine-readable JSON, and the changelog, added once per release. The framework's working source is maintained privately by PsySecure, and every published artifact is generated from it through a reviewed pipeline. Watch this repository to be notified of new releases.
The framework comprises 5 focus areas, 34 subcategories, and 150 controls, each carrying a compact evidence core and organization-size applicability, with interpretation conventions, a framework-level threat model, a glossary, a scoring rubric, a reference severity method, and a 27-control baseline subset for small organizations.
OSINT Defense & Security Framework (ODSF) v0.3.0. Author: Ray Heffer; Publisher: PsySecure. Source: https://psysecure.com/odsf/. License: CC BY 4.0.