I Built an OSINT Command Center with globalthreatmap
I Built an OSINT Command Center with globalthreatmap — Here's How You Can Too
What if you could see the world's conflicts unfolding in real-time from your browser? Not through scattered news feeds or delayed government reports, but through a single, interactive intelligence dashboard that plots breaking threats as they happen. For OSINT analysts, security researchers, and geopolitical enthusiasts, this isn't science fiction — it's the reality that globalthreatmap delivers.
The painful truth? Most developers and analysts waste hours cobbling together fragmented data sources, wrestling with outdated tools, or paying thousands for proprietary intelligence platforms. Meanwhile, critical security events slip through the cracks. What if you could deploy your own professional-grade threat intelligence platform in under 30 minutes, with real-time event mapping, AI-powered conflict analysis, and military base visualization — all open-source and completely customizable?
This is where globalthreatmap changes everything. Created by unicodeveloper, this Next.js-powered OSINT command center transforms raw global data into actionable intelligence. In this deep dive, I'll show you exactly how it works, why it's trending among security professionals, and how to deploy your own instance. Ready to upgrade your situational awareness?
What is globalthreatmap?
globalthreatmap is a real-time global situational awareness platform that plots security events, geopolitical developments, and threat indicators on an interactive Mapbox-powered map. Think of it as your personal OSINT (Open Source Intelligence) command center — a tool that aggregates, visualizes, and analyzes global threat data so you don't have to manually track dozens of sources.
Created by Prosper Otemuyiwa (@unicodeveloper), a prolific developer known for impactful open-source tools, globalthreatmap emerged from the growing need for accessible, transparent intelligence platforms. While governments and corporations spend millions on proprietary systems, this open-source alternative democratizes access to critical geopolitical information.
The repository is trending now because it hits a perfect storm of needs: increasing global instability demands better monitoring tools, AI integration makes deep research feasible for individuals, and modern web technologies enable smooth, responsive mapping experiences that were previously enterprise-only. The platform integrates with Valyu's intelligence APIs to provide AI-synthesized conflict analysis, automated entity research, and comprehensive report generation — capabilities that traditionally required dedicated analyst teams.
What sets globalthreatmap apart is its holistic approach to threat visualization. It doesn't just show dots on a map; it contextualizes events with historical conflict data, military infrastructure overlays, and AI-generated intelligence dossiers. For developers, it's also a masterclass in modern React architecture — built with Next.js 16 App Router, Zustand state management, and Tailwind CSS v4.
Key Features That Make globalthreatmap Insane
Let's dissect what makes this platform genuinely powerful for intelligence work:
Real-Time Event Mapping with Threat Classification
The core engine plots breaking news events — conflicts, protests, natural disasters, diplomatic incidents — with color-coded threat levels (Critical, High, Medium, Low, Info). Events aren't just displayed; they're classified and filterable. The clustering algorithm groups nearby events at lower zoom levels, preventing visual overload while maintaining situational awareness.
Interactive Mapbox Visualization
The dark-themed Mapbox GL JS implementation isn't just aesthetic — it's functional. Heatmap view toggles event density visualization, revealing conflict hotspots invisible in standard marker views. The auto-pan mode continuously pans eastward, creating a "command center" atmosphere perfect for monitoring stations. Smooth navigation with react-map-gl ensures 60fps performance even with thousands of data points.
Intel Dossiers with AI-Powered Deep Research
This is where globalthreatmap transcends typical mapping tools. Using Valyu's Deep Research API, you can generate ~50 page intelligence reports on any entity — nations, militias, PMCs, cartels, political figures. The system pulls from hundreds of sources across the web, academic papers, and proprietary databases, then delivers:
- Structured CSV exports with locations, coordinates, key figures, and source URLs
- 8-slide PowerPoint briefings for stakeholder presentations
- Downloadable PDF reports for archival and distribution
Reports take 5-10 minutes to generate — a fraction of manual research time — with cited sources throughout (Wikipedia deliberately excluded to ensure reliability).
Military Bases Layer
Visualize global military presence with 30+ US military bases (green markers) and NATO installations (blue markers) across Europe, Asia-Pacific, Middle East, Africa, and the Americas. Click any base for instant details: name, type, and host country. This layer loads automatically on initialization, providing immediate strategic context.
Country Conflict Intelligence
Click any country to access a tabbed conflict interface: current conflicts (red-themed) show active wars, military tensions, border disputes, and terrorism threats; historical conflicts (blue-themed) display past engagements with dates, opposing parties, and outcomes. All data is AI-synthesized using Valyu's Answer API with cited sources, and the selected country highlights in red with a blinking animation during data loading.
Alert System with Keyword Monitoring
Configure keyword and region-based alerts with real-time notifications. Track terms like "nuclear," "sanctions," or specific geographic areas. The event feed supports full-text search and multi-criteria filtering, ensuring you never miss relevant developments.
Real-World Use Cases Where globalthreatmap Dominates
1. Journalists and Newsrooms Tracking Breaking Conflicts
When tensions flare in volatile regions, newsrooms need immediate geographic context. globalthreatmap's real-time event plotting and historical conflict data provide instant background — no more scrambling through Wikipedia or waiting for wire services. The AI-generated country briefings offer sourced material ready for fact-checking.
2. Security Analysts Monitoring Corporate Risk
Multinational corporations with global supply chains face constant geopolitical risk. Security teams use globalthreatmap to visualize threats near facilities, shipping routes, and partner locations. The military bases layer reveals potential conflict escalation zones, while keyword alerts flag emerging risks before they impact operations.
3. Academic Researchers Studying Conflict Patterns
Researchers analyzing conflict diffusion, military base positioning, or historical war patterns gain a unified data platform. The CSV exports enable statistical analysis in R or Python, while the PowerPoint briefings support conference presentations. The exclusion of Wikipedia ensures source reliability for academic citation.
4. NGOs and Humanitarian Organizations
Aid organizations operating in conflict zones need real-time security updates. globalthreatmap's event feed with threat-level filtering helps assess evacuation needs, route safety, and operational continuity. The historical conflict data informs long-term program planning in post-conflict regions.
5. OSINT Enthusiasts and Amateur Analysts
For the growing community of open-source intelligence practitioners, globalthreatmap provides professional-grade tools without the enterprise price tag. The self-hosted deployment option means complete data control — critical for sensitive research topics.
Step-by-Step Installation & Setup Guide
Ready to deploy your own intelligence command center? Here's the complete setup:
Prerequisites
Before starting, ensure you have:
- Node.js 18+ installed
- A Mapbox account with API token
- A Valyu API key for intelligence data
- (Optional) An OpenAI API key for enhanced location extraction
Installation Commands
Clone the repository and install dependencies:
git clone https://github.com/unicodeveloper/globalthreatmap.git
cd globalthreatmap
npm install
Environment Configuration
Create a .env.local file in the root directory:
# Required: Mapbox token for map rendering
NEXT_PUBLIC_MAPBOX_TOKEN=your_mapbox_token_here
# Required: Valyu API for intelligence data
VALYU_API_KEY=your_valyu_api_key_here
# Required: Set app mode (self-hosted recommended for personal use)
NEXT_PUBLIC_APP_MODE=self-hosted
# Optional: OpenAI for AI-powered location extraction
OPENAI_API_KEY=your_openai_api_key_here
Obtaining API Keys
| Service | URL | Purpose |
|---|---|---|
| Mapbox | https://account.mapbox.com/access-tokens/ | Map rendering and geocoding |
| Valyu | https://valyu.ai | Intelligence data and AI research |
| OpenAI | https://platform.openai.com/api-keys | Enhanced location extraction (optional) |
Running the Development Server
npm run dev
Open http://localhost:3000 in your browser. The map initializes with military base data, and the event feed begins populating from Valyu's search API.
Production Deployment
For production, globalthreatmap includes one-click Railway deployment:
Alternatively, deploy to Vercel or any Node.js-compatible hosting with environment variable configuration.
REAL Code Examples from globalthreatmap
Let's examine actual implementation patterns from the repository, with detailed explanations of how the intelligence pipeline works.
Example 1: Environment Configuration for Self-Hosted Mode
The .env.local file controls the entire application behavior. Here's the exact configuration pattern:
NEXT_PUBLIC_MAPBOX_TOKEN=your_mapbox_token_here
VALYU_API_KEY=your_valyu_api_key_here
NEXT_PUBLIC_APP_MODE=self-hosted
# Optional: Enable AI-powered location extraction for better accuracy
OPENAI_API_KEY=your_openai_api_key_here
Critical insight: The NEXT_PUBLIC_APP_MODE=self-hosted flag is your gateway to unrestricted access. In this mode, no authentication UI appears, and all features — including unlimited country conflict lookups and entity searches — are available. API costs are billed to your Valyu account, making this ideal for personal deployments or internal team tools. The optional OPENAI_API_KEY enhances geocoding accuracy by using GPT models to extract locations from unstructured event descriptions — a significant improvement over regex-based parsing.
Example 2: Project Structure — The Intelligence Architecture
The repository follows a domain-driven structure optimized for intelligence workflows:
globalthreatmap/
├── app/
│ ├── layout.tsx # Root layout with providers
│ ├── page.tsx # Main dashboard composition
│ ├── globals.css # Global styles with Tailwind v4
│ └── api/ # API routes — the intelligence backend
│ ├── events/ # Event fetching via Valyu Search
│ ├── entities/ # Entity research endpoints
│ ├── reports/ # Deep research report generation
│ ├── countries/
│ │ └── conflicts/ # Country conflict intelligence API
│ └── military-bases/ # Military base data (1hr cache)
├── components/
│ ├── map/ # Map visualization layer
│ │ ├── threat-map.tsx # Main Mapbox component with layers
│ │ ├── timeline-scrubber.tsx # Auto-pan animation controls
│ │ └── country-conflicts-modal.tsx # Conflict detail overlay
│ ├── feed/ # Real-time event feed UI
│ ├── search/ # Entity search interface
│ ├── alerts/ # Alert rule management
│ └── ui/ # Design system components
│ └── markdown.tsx # Rendered for AI-generated reports
├── lib/
│ ├── valyu.ts # Valyu client initialization & typed API calls
│ ├── geocoding.ts # Location extraction (OpenAI-enhanced)
│ └── event-classifier.ts # Threat level categorization logic
├── stores/
│ └── map-store.ts # Zustand store: viewport, layers, base visibility
├── types/ # Shared TypeScript definitions
└── hooks/ # Custom React hooks for data fetching
Architecture insight: Notice the clear separation between data layer (lib/, app/api/), state layer (stores/), and presentation layer (components/). The Zustand store in map-store.ts manages map viewport, active layers, and military base visibility — enabling performant updates without prop drilling. The API routes act as a facade pattern, abstracting Valyu's APIs behind typed endpoints that the frontend consumes reliably.
Example 3: Authentication Modes — Self-Hosted vs. OAuth
The application supports dual authentication modes controlled by a single environment variable. Here's the self-hosted configuration (recommended for developers):
NEXT_PUBLIC_APP_MODE=self-hosted
VALYU_API_KEY=your_valyu_api_key_here
In self-hosted mode:
- No sign-in panel renders in the UI
- All features are universally accessible
- Valyu API usage bills to your account
- Ideal for personal deployments, demos, and internal tools
For multi-user SaaS deployments, switch to OAuth mode:
NEXT_PUBLIC_APP_MODE=valyu
NEXT_PUBLIC_VALYU_AUTH_URL=https://auth.valyu.ai
NEXT_PUBLIC_VALYU_CLIENT_ID=your-client-id
VALYU_CLIENT_SECRET=your-client-secret
VALYU_APP_URL=https://platform.valyu.ai
NEXT_PUBLIC_REDIRECT_URI=http://localhost:3000/auth/valyu/callback
The OAuth 2.0 flow with PKCE (Proof Key for Code Exchange) ensures secure token exchange:
- User clicks "Sign in with Valyu"
- App generates cryptographically random
code_verifierandcode_challenge - Redirect to Valyu's authorization endpoint with challenge
- Post-authentication redirect to
/auth/valyu/callbackwith authorizationcode - Backend exchanges
code+code_verifierforaccess_token - User profile stored in
localStoragefor session persistence
Feature gating in OAuth mode creates a freemium structure: unauthenticated users see the map and event feed free, get 2 complimentary country conflict lookups, but must authenticate for entity search and unlimited lookups.
Example 4: API Routes — The Intelligence Pipeline
The backend exposes a clean REST API for all intelligence operations:
| Route | Method | Description | Cache |
|---|---|---|---|
/api/events |
GET | Fetch global events from Valyu Search | — |
/api/events |
POST | Fetch events with custom query parameters | — |
/api/entities |
GET/POST | Research entities; returns locations for map plotting | — |
/api/deepresearch |
POST | Initiate async deep research task; returns taskId |
— |
/api/deepresearch/[taskId] |
GET | Poll task status; returns report deliverables when complete | — |
/api/reports |
POST | Generate on-demand deep research reports | — |
/api/countries/conflicts |
GET | Historical and current conflicts for specified country | — |
/api/military-bases |
GET | US and NATO base locations with metadata | 1 hour |
The military bases endpoint implements 1-hour caching — appropriate for relatively static infrastructure data. The deep research endpoints use async job pattern: POST initiates a 5-10 minute research task, and clients poll GET with the returned taskId until completion. This prevents HTTP timeouts for long-running AI operations.
Example 5: Valyu Integration — The AI Intelligence Engine
The lib/valyu.ts file encapsulates all Valyu API interactions:
// lib/valyu.ts — conceptual implementation based on README
import { Valyu } from 'valyu-js';
// Initialize with API key from environment
const valyu = new Valyu({
apiKey: process.env.VALYU_API_KEY,
});
// Search API: Find global events and breaking news
export async function searchEvents(query: string, filters?: EventFilters) {
const results = await valyu.search({
query,
excludeSources: ['wikipedia.org'], // Ensure primary sources only
...filters,
});
return results.events;
}
// Answer API: Synthesize conflict intelligence with citations
export async function analyzeConflict(country: string, timeframe: 'current' | 'historical') {
const analysis = await valyu.answer({
question: `What are the ${timeframe} conflicts involving ${country}?`,
includeCitations: true,
depth: 'comprehensive',
});
return analysis;
}
// Deep Research API: Generate comprehensive intelligence dossier
export async function createIntelligenceDossier(entity: string) {
const task = await valyu.deepResearch.create({
subject: entity,
deliverables: ['report', 'csv', 'powerpoint', 'pdf'],
sourceCount: 'maximum', // Pull from hundreds of sources
});
return task.id; // Poll with this ID for results
}
Integration insight: The deliberate Wikipedia exclusion in search configuration is a sophisticated design choice. For intelligence work, primary sources and verified reporting outweigh encyclopedic summaries. The includeCitations: true flag ensures every AI-generated claim is traceable — essential for analyst verification and academic integrity.
Advanced Usage & Best Practices
Optimizing Event Feed Performance
For high-volume monitoring, combine threat-level filters with keyword alerts rather than loading all events. The Zustand store persists filter state across sessions — configure once, monitor continuously.
Leveraging Auto-Pan for Display Scenarios
The auto-pan mode (timeline-scrubber.tsx) isn't just aesthetic — it's designed for passive monitoring stations. Enable it on dedicated displays in security operations centers for continuous global coverage without manual interaction.
Deep Research Workflow Optimization
Entity research takes 5-10 minutes. Queue multiple research tasks in parallel by calling /api/deepresearch repeatedly, then poll all task IDs simultaneously. The CSV exports are immediately usable in GIS tools like QGIS for spatial analysis.
Custom Layer Development
The Mapbox GL JS implementation in threat-map.tsx supports custom layer injection. Add proprietary data sources — corporate facility locations, supply chain routes, private intelligence feeds — by extending the Zustand store and adding new GeoJSON sources.
Security Hardening for Production
When self-hosting publicly, implement:
- Rate limiting on API routes to prevent Valyu quota exhaustion
- IP allowlisting for the
/api/deepresearchendpoints (expensive operations) - Environment variable validation with Zod schemas (already included in dependencies)
globalthreatmap vs. Alternatives
| Feature | globalthreatmap | Liveuamap | ACLED | Palantir Gotham |
|---|---|---|---|---|
| Cost | Free (self-hosted) | Freemium | Paid API | Enterprise ($$$$) |
| Open Source | ✅ Full source | ❌ Proprietary | ❌ Proprietary | ❌ Proprietary |
| Self-Hostable | ✅ Complete control | ❌ Cloud-only | ❌ Cloud-only | ❌ On-prem license |
| AI Research | ✅ Built-in deep research | ❌ None | ❌ None | ✅ Custom models |
| Military Bases | ✅ Included | ❌ Not focused | ❌ Not focused | ✅ Classified focus |
| Export Formats | CSV, PPTX, PDF | Limited | CSV, API | Custom |
| Customization | ✅ Full code access | ❌ None | ❌ API only | ❌ Vendor-dependent |
| Setup Time | 30 minutes | Immediate | API integration | Months |
Verdict: globalthreatmap dominates for developers and analysts who need customizable, cost-controlled intelligence infrastructure. Liveuamap wins for immediate casual use. Palantir serves government-scale budgets. ACLED excels for structured conflict data research. But only globalthreatmap combines real-time mapping, AI research, military visualization, and complete code ownership at zero licensing cost.
Frequently Asked Questions
Is globalthreatmap free to use?
Yes, the code is MIT-licensed and free. You'll need Valyu and Mapbox API keys, which have generous free tiers. Self-hosted mode has no per-user fees.
How accurate is the conflict data?
Data is AI-synthesized from hundreds of sources with citations. Always verify critical decisions with primary sources — this is OSINT, not classified intelligence.
Can I add my own data sources?
Absolutely. The modular API route structure in app/api/ makes it straightforward to integrate additional feeds. Extend lib/valyu.ts or create parallel clients.
What hardware requirements exist?
Any machine running Node.js 18+. The client-side Mapbox rendering is GPU-accelerated but works on integrated graphics. Server-side is lightweight API proxying.
Is there a mobile app?
Not currently. The Next.js app is responsive and works in mobile browsers. Native apps would require separate development using the same API endpoints.
How do I contribute to the project?
Submit issues and PRs to https://github.com/unicodeveloper/globalthreatmap. The modular architecture welcomes extensions — new map layers, additional export formats, and enhanced authentication are natural contribution areas.
Can I use this for commercial purposes?
MIT license permits commercial use. Ensure compliance with Valyu's terms for API usage, and consider the OAuth mode for multi-tenant SaaS deployments.
Conclusion: Your Intelligence Advantage Starts Now
The world isn't getting simpler. Conflicts proliferate, information overload intensifies, and the gap between raw data and actionable intelligence widens. globalthreatmap bridges that gap with an open-source platform that rivals enterprise tools at zero licensing cost.
What impresses me most isn't any single feature — it's the architectural coherence. From the Zustand state management to the Valyu API abstraction, from the PKCE authentication flow to the Mapbox layer system, every technical decision serves the core mission: making global threat intelligence accessible, verifiable, and actionable.
For developers, it's a production-grade Next.js reference architecture. For analysts, it's a force multiplier that compresses hours of research into minutes. For the curious, it's a window into geopolitical dynamics that no news feed can match.
Deploy your own OSINT command center today. Clone the repository, configure your keys, and start seeing the world differently. The threats are real — your awareness should be too.
👉 Get globalthreatmap on GitHub — Star it, fork it, build something extraordinary.
Comments (0)
No comments yet. Be the first to share your thoughts!
