The tools and methods attackers use to take over employee accounts are continually evolving, leaving organizations at a disadvantage. By abusing enterprise credentials, threat actors easily access sensitive data that often compromises valuable assets. It’s imperative for organizations to have a plan for proactively preventing employee fraud and account takeover (ATO) originating from stolen credentials.

Flashpoint's Compromised Credentials Monitoring - Enterprise solution enables organizations to search and monitor on email credentials, logins, and affected domains. Flashpoint’s unique collections provides organizations with unparalleled data and insights to prioritize risk, predict future attacks, and further prevent threat actors from accessing confidential or personally identifiable information (PII).


Key Benefits of CCM-E

  • Proactively prevent employee fraud and account takeover (ATO) originating from stolen credentials with deep visibility into an organization's exposure. View, search, and monitor for email credentials, logins, and host data (including host attributes such as machine details, location information, ISP information) as well as cookies data related to employee emails, usernames, and associated domains

  • Save time and resources with alerts and monthly reports that include actionable compromised credential data

  • Mitigate risk and better understand organizational exposure by safely accessing Flashpoint’s collections to conduct in-depth searches for recently disclosed and historical breaches against Flashpoint’s archive of compromised credentials

  • Analyze breaches and predict future risk with confidence by easily tracking exposure changes over time

  • Filter out false positives for compromised employee accounts

  • Leverage a seamless integration via the Flashpoint API


Use Cases

  • Restrict User Access & Know When to Reset Passwords

    Flashpoint filters false positives and provides organizations with the compromised credentials that meet their organization’s password policy. Organizations may leverage Flashpoint’s API and data to automate workflows to reset exposed employee credentials, restrict access to resources, and receive alerts when a compromise has been detected.

  • Enforce Strict Password Policy

    CCM-E allows organizations to search through Flashpoint’s historical compromised credentials collections to view password data, including password complexity details such a length, upper-case letters, numeric, and special characters. Users can create password profiles to see how many passwords would have been filtered out based on their organization's password complexity requirements. These insights enable organizations to mitigate risk by better understanding their exposure.

  • Prevent Bypassing MFA

    Prevent threat actors from bypassing MFA using compromised browser sessions by checking for employee cookie data.

  • Monitor Stolen Accounts for Future Sessions

    When an employee's devices and accounts have been compromised, cookie data allows organizations to flag these accounts to monitor for future sessions.

  • Identify Employer-Owned Compromised Machines

    When an employer-owned machine has been compromised, Flashpoint’s host data quickly alerts users, allowing organizations to take swift action.


Did this answer your question?