Overview

Organizations struggle with gaining access to illicit online communities as a critical area of their operational and reputational risk strategy. They are missing key details and intelligence that originates from underground communities, where initial planning of malicious campaigns often begin. By having insight into open web channels, as well as illicit online communities, they can achieve a holistic view of the threat landscape, whereas relying on open web only provides a surface-level view.

Online illicit communities remain a key source for critical data and intelligence pertaining to a wide range of cyber and physical threats, fraudulent activities, and malicious actors. Organizations are recognizing the need to gain visibility into trends and activities of threat actors engaging in criminal activity, and need a solution that provides signal-rich and relevant information with the context required to evaluate and understand it.

The Flashpoint & RiskIQ Advantage

This solution delivers an extensible threat intelligence platform that pulls insights and context from illicit online communities, as well as technical data, to provide defenders the prioritization, customization, and collaboration needed for increased security effectiveness and efficient threat operations and management.

Key Features

PLATFORM ADVANTAGES

  • Optimize investigations

  • Speed up threat analysis

  • Mitigate threats in a timely manner

  • Integrate with existing customer workflows and third-party security tools

REDUCE OPERATIONAL, REPUTATIONAL RISK

Find, inventory, and monitor open web and closed forum-exposed assets to increase the visibility of your digital attack surface and reduce business exposure.

OPTIMIZE RESOURCES & REDUCE TIME TO DETECTION AND RESPONSE

Increase productivity through automated intelligence, proactive analytics, and mitigation workflows, as well as realize toolset and dataset consolidation.

FORTIFY COMPLIANCE

Proactively identify unsanctioned and malicious reputational abuse, pinpoint managed, unmanaged, and rogue external infrastructure, as well as at-risk partners from the surface web and closed forums that expose your business.

Integrated Flashpoint Datasets

COMMUNITIES

Forums: Access to signal-rich discussions from illicit threat-actor communities. Supplement internal data with targeted data from highly curated sources.

Chat Services: Access to around-the-clock conversations within threat-actor channels to monitor and gain insights across threat-actor communities. Collections include Telegram, Discord, as well as Chinese-speaking threat actors.

Paste Sites: Enables access to openly shared research, data leaks, and other plain-text files frequently used by both anonymous sources and threat actors to share malicious activity, providing a broader view into open web data.

SHOPS

Marketplaces: Access to top-tier marketplaces, where threat actors buy and sell items such as stolen credentials and personally identifiable information (PII).

Use Cases

OPERATIONS AND REPUTATION

Gain visibility into threats that extend beyond open web intelligence. Flashpoint provides organizations access to illicit forum and community data to identify risks that are not visible via open web channels, enabling a holistic view of the threat landscape, and allowing for custom alerting specific to the organization.

MOBILE APPLICATION VULNERABILITIES

Illicit forums provide insight into the actors, and the tactics, techniques, and procedures (TTPs) affiliated with malicious campaigns, and how threat actors are weaponizing malware within mobile applications. Leveraging Flashpoint’s forums dataset within the RiskIQ platform increases awareness, and enables organizations to be proactive in improving application security.

SAFEGUARDING PERSONALLY IDENTIFIABLE INFORMATION (PII)

Threat actors within illicit online communities are selling stolen personally identifiable information, including identities and sensitive credentials. The integration between RiskIQ and Flashpoint provides insight into the source of the leak and the depth of the compromise. Organizations can leverage these insights to improve security within their environment and protect their clients and employees information.

Did this answer your question?