Dark Web Monitoring

Our tool uses credentialed monitoring from domains to ascertain potential breach in real time and automatically alerts, because credentials or data is found on the Dark Web.

Platform is integrated with our ticketing system to provide context and swift response to potential breach within 24hrs of a recorded breach

SCOPE OF SERVICE

We will provide continuous searching, monitoring and reporting of your digital credentials on the Dark Web by monitoring the following:

  • Hidden chat rooms
  • Unindexed sites
  • Private websites
  • Peer-to-peer (P2P) networks
  • IRC (internet relay chat) channels
  • Social media platforms
  • Black market sites
  • 640,000+ botnets

WHY MONITORING FOR EXPOSED CREDENTIALS IS IMPORTANT

How are credentials compromised?

PHISHING

  • Send Emails disguised as legitimate messages
  • Trick users into disclosing credentials
  • Deliver malware that captures credentials

WATERING HOLES

  • Target popular sites: Social media, corporate intranet
  • Inject malware into the code of the legitimate website
  • Deliver malware to visitors that captures credentials

MALVERTISING

  • Inject malware into legitimate advertising networks
  • Deliver malware to visitors that captures credentials

WEB ATTACKS

  • Scan internet-facing company assets for vulnerabilities
  • Exploit discovered vulnerability to establish a foothold
  • Move laterally through the network to discover credentials

WHAT CAN AN ATTACKER DO WITH COMPROMISED CREDENTIALS

  • Send spam from compromised email accounts
  • Deface Web prosperities and host malicious content
  • Install malware on compromised systems
  • Compromise other accounts using the same credentials
  • Exfiltrate sensitive data(Data Breach)
  • Identity theft.

PROTECTING AGAINST CREDENTIAL COMPROMISE

While there is always a risk that attackers will compromise a company’s systems through advanced attacks, most data breaches exploit common vectors such as known vulnerabilities , unpatched systems and unaware employees. Only by implementing a suite of tools including monitoring, data leak prevention, multifactor authentication, employee security awareness training and others – can organizations protect their business from the perils of the dark web.