ImmuniWeb, a developer of technologies for application security testing and attack surface management, is offering a comprehensive snapshot of Dark Web exposure for organisations of all sizes.
This feature is now integrated into the company’s Domain Security Test, which offers several detection capabilities including Dark Web exposure monitoring, phishing campaigns monitoring, domain squatting monitoring, trademark infringement monitoring and fake social networks accounts monitoring.
According to the Geneva, Switzerland-based company, this feature enables enterprises, governments and businesses across the board to rapidly illuminate and assess their current exposure.
To run the test to discover Dark Web exposure and incidents, users need only enter the main Web site URL of their company and wait a few minutes to see the results.
ImmuniWeb's monitoring of the Dark Web includes mushrooming hacking forums and underground marketplaces, dedicated IRC channels and Telegram chats, paste-Web sites and many other locations in the deep, dark and surface Web that offer, trade or advertise stolen data.
More often than not, the data includes stolen login credentials from breached Web sites, servers and SaaS platforms, as well as other types of data leaks, such as stolen databases, source code or documents.
ImmuniWeb’s technology continuously monitors and trawls the Dark Web for stolen login credentials, data breaches, intrusions and other types of security incidents, and its deep learning AI technology analyses and ranks massive volumes of information from across the Web, filtering and discarding the growing volume of fake, duplicate or irrelevant data, extracting critical insights to provide actionable information.
The company now has visibility across more than 30 billion login credentials and data leaks exposed on the Dark Web.
This feature enables enterprises, governments and businesses across the board to rapidly highlight and assess their current exposure.
To prevent cyber criminals from using the new free service for unlawful purposes, no logins or passwords are displayed, instead, an overall quantity, risk score and classification of data are provided. Organisations looking to deep dive into the details need to use ImmuniWeb Discovery, the company’s attack surface management solution. Upon user identity verification, all incidents are disclosed with ample details.
“Organisations of all sizes are incrementally exposed to perilous cyber threats stemming from the silent proliferation of their data on the Dark Web,” says Ilia Kolochenko, CEO and founder of ImmuniWeb.
A perfectly secure Web application, for instance, may fall victim to cyber criminals who find a valid pair of login credentials from an employee, thereby opening the door to an organisation’s most valuable information. "Worse, a steadily growing multitude of suppliers and vendors have privileged, and frequently uncontrolled, access to business-critical systems and a countless number of other applications,” he adds.
When a trusted third-party is compromised, says Kolochenko, it is virtually impossible to quickly detect and thus mitigate the incident. “Further spread of outsourcing and a shift towards cloud and SaaS-based solutions gradually exacerbates the risk.”
Share