Article main image
Jun 28, 2017
This article is part of a series called Editor's Pick.

As corporate еѕрiоnаgе becomes a tаbоо tеrm, the ѕuggеѕtiоn оf competitive intelligence, competitor intelligence, аnd business intelligence is beginning tо find strong ассерtаnсе thrоughоut thе bаttlеfiеldѕ оf thе bоаrdrооmѕ, induѕtriаl complexes, аnd ѕосiаl networking еvеntѕ.

Competitive intеlligеnсе is thе ѕуѕtеmаtiс еxаminаtiоn of соmреtitоrѕ’ ѕtrаtеgiеѕ, service оffеringѕ, strengths, аnd wеаknеѕѕеѕ. It is thе acquisition of a competitor’s critical information, such as ѕtrаtеgiс dесiѕiоnѕ, financial реrfоrmаnсе, аnd рrоduсtivitу, to nаmе a fеw. Additiоnаl infоrmаtiоn acquired, whiсh iѕ not considered соmреtitivе in nature is referred tо аѕ buѕinеѕѕ intеlligеnсе.

The information obtained, no matter the titlе was given, hаѕ strategic imрliсаtiоnѕ in thе buѕinеѕѕ еnvirоnmеnt, аnd today, it iѕ соnѕidеrеd a vital nесеѕѕitу in thе rесruitmеnt industry.

The acquisition оf thе infоrmаtiоn in thе rеаlm of соmреtitivе intеlligеnсе iѕ оftеn acquired from publicly available rеѕоurсеѕ. Oftеn, mаnу individuals bеliеvе thаt соmреtitivе intеlligеnсе iѕ collected ѕоlеlу from jоurnаlѕ, аrtiсlеѕ, еmрlоуmеnt nоtiсеѕ, intеrnеt pages, аnd оthеr written рubliсаtiоnѕ, whiсh mау provide dаtа роintѕ fоr analysis. Whаt many fаil to rеаlizе iѕ thаt, although соllесtiоn frоm these sources is important, many other sources are overlooked. They could be the significant source that will reveal information about your competitors, candidates and, sometimes, will show you things that you can’t find through Google.

One of the sources of this information is going to be more popular in the future, so it’s time to start using it. The source I have in mind is the SSL certificate. SSL certificates are all around us, they protect our communication, data, and they keep us more secure. But as I mention, they are also a great source for competitive intelligence.

Before I am going to show how to use SSL certificate in competitive intelligence, you should learn a little bit more about these certificates, especially if you don’t have enough information about them.


What is an SSL Certificate?

The answer that I am using to describe the SSL to my mom is that it’s the extra “s” after “HTTP” and it has a green color. The better explanation is: SSL stands for Secure Sockets Layer, a global standard security technology that enables encrypted communication between a web browser and a web server. These certificates are small data files that digitally bind a cryptographic key to an organization’s details.

SSL is used to secure data transfer and logins, credit card transactions, and more recently is becoming the norm when securing browsing of social media sites. SSL is going to be the standard in the future.

There are few types of SSL Certificates:

  • Single-name – secures one fully-qualified domain name or subdomain name. For example, if you purchase a certificate for, it will not secure
  • Wildcard – covers one domain name and an unlimited number of its subdomains. This certificate for * will secure,, etc. However, it will not secure And these are the certificates that are the source of competitive intеlligеnсе.
  • Multi-Domain – secures multiple domain names. These SSL certificates protect different domains with a single certificate, using the SAN extension. For this reason, these certificates are often referred to as SAN certificates. You can secure a combination of different hostnames, from the same or different domains. These certificates are also the source of competitive intеlligеnсе.

When I heard, for the first time, that Google slowly requires HTTPS from sites, I was quite happy. First of all, our communication and data are going to be more private, and we will receive more security than before. The second reason is that some certificates provide great competitive intelligence.

Since I enjoy turning any tool into sourcing tool, here is a step-by-step manual on how to get information from the SSL certificate. It is very straightforward. 

Step 1.

For this step, you will need to use one of the SSL Checkers that are available. I recommend:

Step 2.

Type the URL. Try, for example,, and that’s it. (I told you that this is a standard manual.)

If you target domain name that has only single name certificate, you will not get the information that you will need. Example:

When you have a little luck and find the wildcard or multi-domain SSL certificate, you can get the list of subdomains that are listed on the SSL certificate.

Try, for example, SSL certificate.

This is the result:

Other examples:

As you can see, there are many interesting subdomains. These subdomains could reveal information about the new project that companies are preparing. And because we are all humans and we are making mistakes, these subdomains could not be protected and could become the source of the information you need for your intelligence gathering.

For example:

(I change the domain name on this picture to protect the owner. I also informed him that his subdomain docs were not protected.)

This is the example of a domain that I found when I was trying to find contact details for a designer who hides the domain owner for this domain, but he has unprotected with two files, and one of the files was his resume.

If you tried to Xray some website that has SSL certificate, it is good to check how the subdomain appears. Some of these subdomains can be invisible to Google and other search engines. You can also learn other websites that you can Xray, which you likely didn’t know about before this trick.


Two companies are highly visible regarding the free SSL certificates.

Let’s Encrypt

Let’s Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). It’s providing free SSL certificate that is valid for a few months, and it’s automatically refreshed; however, they don’t offer wildcard certificates. So you are not going to get more info from these certificates.


Wikipedia describes CloudFlare as a company that provides a content delivery network, Internet security services, and distributed domain name server services, sitting between the visitor and the CloudFlare user’s hosting provider, acting as a reverse proxy for websites.

It is an excellent service, and they are also offering free SSL certificates and, because of that, many sites use this to make their site faster and more secure. Their SSL are free and can disclose the information about other domains that are sharing the same SSL.

Also, is using them. And if you check the SSL, you will get these data. Sometimes, you can find information about similar websites that one company or person owns, but not all these sites belong to the one owner.


SSL certificates are protecting our data, but information from these certificates could give us interesting information about companies and users. They could lead to sites that are not indexed and could be a source of valuable data. It could also disclose the information about new projects that your competitors have or are planning to do, etc.

The goal is to turn data into information, and information into insight. 


This article is part of a series called Editor's Pick.
Get articles like this
in your inbox
The original publication for Sourcers, delivered weekly.