The Threat Intelligence module scans the web, searching for signals and data that may represent a breach of your data security and a threat to your business.
The constant vigilance afforded to you by the Threat Intelligence module shortens the time between the potential data breach and defensive response, reducing the opportunity for fraudulent activity.
Data Leakage Monitoring
Our Threat Intelligence module continuously scans well-known hacking and breach sites to find any financial information, credit cards, personally identifiable information (PII), IP / Domain addresses, emails, passwords, usernames and information related to your intellectual property.
Social Network Monitoring
Keepnet constantly monitors social network sites such as Twitter, Reddit, GitHub, Facebook fan pages, Google+ etc. The results are correlated with customer assets in order to detect any potential data leakage or a possible cyber attack. With the help of this engine, you can prepare yourself for potential attacks, such as putting DDoS protector into mitigation mode rather than monitoring mode.
Deepweb & Darkweb Digging
Our DarkWeb / DeepWeb analysis engine simultaneously digs famous Tor sites and IRC channels to find any data breach of your intellectual properties or personally identifiable information. Keepnet’s security analysts can even confidentially broker the purchase of leaked data sold on underground markets to facilitate quick response and mitigate further losses.
Fraudulent Domain Tracking
Fraudulent domains are frequently used by phishing attacks to target either a company’s employees or customers. As a result of our domain tracking, you will be notified if a fraudulent domain is registered or a domain’s IP address is changed. This information can be used to keep your Anti-Spam, IPS, IDS, FW, WAF or other border protection platforms up to date.
Our brand watch engine passively monitors customers’ Twitter account, Facebook page, Youtube channel, etc. for an anomaly or defacement. It also provides comprehensive security-related information about Alexa position, Shodan, ZoomEye, Cymon, VirusTotal scan results, AlienVault Threat info etc.
Usually, companies are hacked as a result of security flaws at 3rd-party companies. For example, if a forum site is hacked, hackers get a lot of credentials and tend to use them to discover and test vulnerabilities elsewhere. Our smart intelligence feature analyses 3rd-party security breaches and vulnerabilities and cross-references them back to your business.
Botnet control regularly checks whether your IP address or domain name is blacklisted or if it is a member of a botnet. We provide regular information about your IP / Domain reputation offering you peace of mind that your public IP addresses are whitelisted.
Fraudulent Mobile App Monitoring
Mobile app markets have no limitation to submit a fraudulent app. It is possible to create a fraudulent or phishing app and submit it to the Android or iOS App Store. Our mobile app monitoring engine creates an alarm if a mobile app with the same or similar name to yours appears on the markets.
Phishing Website Monitoring
DNS & Domain WHOIS Monitoring
One tactic of the cyber-criminal is to attempt to hack Domain Name Registration services in order to transfer a legitimate domain to themselves or change the corresponding IP addresses of a DNS record in order to perform Man-in-the-Middle (MITM) attacks. Our WHOIS monitoring feature prevents this by instantly creating an alarm if your Domain Name Registrar information is changed, the resolving IP is changed or even when a fraudulent domain’s IP is changed.
Passive Vulnerability Scanning
Continuous vulnerability scanning is required in to identify whether a customer’s system is affected by a recent security flaw. However, vulnerability scanning has an overhead on any system. Not to overload the customer system, Passive Vulnerability Scan Engine takes a snapshot of the target system on our servers and periodically checks whether the system is vulnerable to a newly-discovered security flaw.
Paste Site Monitoring
Paste sites — such as pastebin.com, pasted.co, pastebin.ca, paste.ee, etc. — are instantly monitored by our Paste Site Monitoring engine for any leaked sensitive information, including: financial information, credit card data, personally identifiable information (PII), IP / Domain address, email, password, username and information related to the intellectual property.
Personally Identifiable Information (PII) Tracking
There are hundreds of millions of emails, passwords and usernames leaked on the internet. Our Personally Identifiable Information (PII) Tracking engine collects these breaches and correlates them your contacts or users to notify you if you are affected.
We monitor and notify you when we find any data about recent attack vectors, news, defacements, malwares or phishing activities. All of which give you an up to date overview about cyber criminal tendencies and methods.