Analysis and Overview of Information Gathering & Tools for Pentesting

Published in IEEE
Abstract

Information discovery involves identifying and finding sensitive or regulated data so that it can be adequately protected or securely removed. It involves auditing sensitive/remote information. In today's era of remote workers, data spread across several systems, applications and databases necessitates authentication, a challenging task. Data discovery enables us to be aware of our weaknesses and promotes context-aware security solutions. The objectives of someone discovering information would be to find out network data such as public or private and associated domain names, whatever UDP and TCP services are currently running, information regarding SSL certificates or open ports, and more. Collecting system-related information (user enumeration, system groups or OS hostnames, OS system types, etc.) would prove to be very useful. In this paper, we present how information gathering is essential for a cyber-analyst from the security point of view, and we look into the tools used for information gathering and discovery. One would be surprised to learn the number of tools available online for free that help uncover such information. While these tools can be very useful if used in the right way, they can also be very alarming because of the vast information-gathering capabilities they possess. We describe how a simple Google search can shed light on a lot of vulnerabilities. Different tools that are used for e-discovery and their workings are explained here. With special emphasis on Google Dorking and how it is a very valuable resource for analysts, we show indexing and the structure of the internet. We talk about how OSINT is crucial and how information gathering is used in social engineering. We discuss the types of attacks and the defense mechanisms. We then talk about how intrusion detection systems are coupled with OSINT for the protection of data.

About the journal
Publisher: IEEE
ISSN: https://ieeexplore.ieee.org/document/9457015
Open Access: Yes