Flashpoint dashboards provide users a comprehensive view of data measured against Flashpoint collections that are most relevant to an organization. Users can monitor the latest credit card leaks or a high-fidelity feed of cyber observables, keep track of the most active CVEs, access recently disclosed and historical breaches, and customize their default view by collections and interests. Flashpoint dashboards

provide a single-pane view into information and data to help better mitigate exposure and risk to your organization.

Available Flashpoint Dashboards


Collection of stolen credit card data found in illicit high-end credit card shops, compromised from a variety of operations—including dumps from point-of-sale (POS) compromises, and credit cards harvested from card-not-present transactions. Users are provided credit card data including bank identification numbers (BIN) and various card details including country location and expiration dates.

Our collections provide enough information to understand broader exposure to these shops, and when analyzed in aggregate, the potential ability to flag high-risk cards based on BINs, ZIP code, and in some instances, purchase activity.


Access to the latest CVEs within Flashpoint collections, including access to MITRE and National Vulnerability Database (NVD) data, as well as CVEs discussed by threat actors as observed by Flashpoint intelligence analysts. Users are provided a single-pane view into the latest CVEs mapped to Flashpoint illicit actor discussion data.


Search for recently disclosed and historical breaches against Flashpoint’s archive of compromised credentials collections. Users are able to view top compromised domains and passwords from a specific breach, as well as compare unique credentials from previous attacks.


Enables users to customize their default landing page to include information regarding Flashpoint data and specific user interests and needs.


Flashpoint leverages its unique access to underground communities to collect and deliver a near real-time stream of cyber observables that can identify illicit activity from inside forums and file-sharing communities focused on cybercrime, hacking, fraud, and extremism/terrorism. These high-fidelity observables include IP address, location (city/ country), hosting provider, timestamp, and user-agent string.

The RIOs Dashboards classifies these observables by torrents—which are collections of files shared among illicit online communities using a decentralized peer-to-peer technology—and discussion threads. Torrent observables enable users to view the substance of torrented files, while discussion thread observables provide users the ability to pivot directly to the original forum thread within the Flashpoint Intelligence

Platform. This visibility equips users with insights that can support investigations and inform defenses.

Many illicit forums specialize in topics related to crime or extremist ideologies, which is why actors utilize illicit online anonymity measures. RIOs provide insights and identifiers related to the specific illicit community to potentially support investigations.


Enables organizations to search and monitor Flashpoint’s unique collections for compromised enterprise accounts and passwords in order to flag accounts, reset employee passwords, and restrict permissions to prevent actors from accessing confidential or personally identifiable information (PII).


Provides access to Flashpoint's collections of ransomware-specific sites, allowing users to monitor activity in malicious communities more comprehensively, as well as to measure the risk impacting the organization or brand.

Users are able to view the victims subjected to ransomware attacks, filter by specific ransomware families, and access other critical insights, including first and last observed activity. Pivot directly into related Flashpoint Finished Intelligence for additional context and research.


Enables users to access indicators of compromise (IOCs) and technical data across Flashpoint datasets and those included in Finished Intelligence Reports, allowing for seamless integration into users’ workflows and automated tools.

Use Cases

CARD FRAUD DASHBOARD: Credit Card Fraud Detection

Rapid detection of credit card fraud is crucial not only for preventing fraudulent transactions of the same type from recurring—but also for identifying new indicators of risk and adjusting fraud-prevention controls accordingly to minimize future losses.

By making the credit card data offered in card shops seamlessly viewable and filterable by bank identification number (BIN) and other key identifiers, the Card Fraud Dashboard makes it easy for users to monitor for card numbers linked to their organization. Card numbers associated with BINs advertised in these shops can then be categorized as high-risk, thereby enabling fraud detection teams to quickly flag suspicious transactions from these cards as fraudulent.

CVE DASHBOARD: Patch Prioritization

Patch prioritization remains one of the most challenging aspects of vulnerability management. And it’s easy to see why: Hundreds of new CVEs are assigned every month, yet most are never weaponized—regardless of their Common Vulnerability Scoring System (CVSS) score.

The CVE Dashboard enhances the limited context provided by CVSS scores by revealing which CVEs threat actors most often discuss and are thus most likely to weaponize. These insights can help vulnerability management teams allocate resources and deploy patches more efficiently and effectively based on the unique risk each CVE poses to their organization.

RIOS DASHBOARD: Anti-Terrorist Financing

Illicit online communities frequented by terrorist groups have long facilitated terrorist financing schemes, many of which can be especially difficult to identify and attribute due to their complexity and the myriad obfuscation techniques involved. The RIOs Dashboard supports anti-terrorist financing (ATF) efforts by granting users visibility into high-fidelity cyber observables from terrorism-related communities. These observables can help ATF teams identify customers who frequent these types of illicit communities and are thus more likely to be involved in ATF schemes.

BREACH DASHBOARD: View Insights and Overall Trends

Cybercriminals continue to conduct sophisticated operations in order to collect credentials for fraudulent activity.

The Flashpoint Breach Dashboard provides insight into compromised credential breaches and enables users to analyze top-level metrics related to specific breaches. This allows enterprises to determine the validity of each breach and the potential risk to their organizations.

CCM-E DASHBOARD: Preventing Account Takeover (ATO)

Employee reuse of passwords, where the same or similar passwords and email addresses are recycled for different web-based services, presents a major risk to enterprises. The CCM - E Dashboard provides the ability to access Flashpoint’s historical compromised credentials collections to view password data, as well as their

complexity. Users are able to create password profiles to see how many passwords would have been filtered out based on the complexity requirements, providing insight into understanding an enterprise’s exposure and how complex their exposed passwords are.

Did this answer your question?