Get a Demo of Cyberint’s AI-Powered External Risk Management Solution
Automatically Discover Brand Impersonations
Using advanced scanning capabilities & machine learning to detect malicious impersonations in the form of lookalike domains and fake social media profiles.
Autonomous Attack Surface Management
Continuous attack surface mapping paired with active vulnerability scanning to ensure maximum risk reduction.
Make Your Team More Efficient
Using an AI-powered external risk management solution enables cyber security teams to work faster and more efficiently.
Get a Demo!
In the POV we realized that Infinity ERM was much more than an EASM solution, it delivered much value with highly relevant intelligence from the deep and dark web.
Benjamin Bachmann, Head of Group Information Security Office at Ströer 
Once we identified the need to address the risk of fraudulent websites and social profiles, I quickly realized we needed to handle this in a scalable manner. Our solution is to use Infinity External Risk Management to help us automatically detect and takedown these threats.
Ken Lee, IT Risk and Governance Manager at WeBull 
We were looking to establish a new threat intelligence capability within Questrade and, in order to support that, we needed to have a platform that would give us deep insights.
With Infinity ERM, we’re not only getting intelligence from the general landscape but we’re also getting intelligence that’s really tailored to us and our environment
Shira Schneidman, Cyber Threat & Vulnerability Senior Manager at Questrade 
We have a really good relationship with customer support and the analyst teams.” Said Evans, “We are constantly being alerted about things to respond to. Because we’re a small team they are like an extension of us – which really helps from a risk management standpoint.
Evans Duvall, Cyber Security Engineer at Terex 
We looked at some other vendors and they have good solutions, but we needed more than what they could offer. With Infinity ERM, I can continuously monitor not only all of Phoenix Petroleum’s domains, but all our digital assets, plus we get relevant intelligence from the deep and dark web.
Roland Villavieja, Information Security Officer at Phoenix Petroleum 
Verified & Contextualized Alerts
Continuous and Autonomous Discovery and Collection
High fidelity alerts, low false positives, contextualized alerts, minimal time commitment for risk mitigation and the ability to make a positive impact on the business and reduce overall cyber risk.
Unified External Risk Management Solution
FAQs
How does Cyberint’s solution decide if the data it detects is a cyber security risk?
Using Cyberint’s proprietary machine learning algorithm, you can automatically correlate raw intelligence items with your organization’s assets, prioritize threats according to their potential risk and impact, and save your organization time and resources.
How often do you crawl and scrape your sources? And how do you evade detection?
Each source is crawled and scraped according to the allowed policies on it. For example, if a dark web forum is monitored for suspicious scraping activity, we will make sure we collect information at a pace that does not raise any suspicion. We try to keep each source up to date with no longer than a week between each scraping (often much much more).
How does Cyberint discover my external attack surface?
Cyberint continuously & automatically scans the open, deep and dark web to discover your external IT infrastructure. Using publicly-available data, like DNS records, WHOIS data, SSL certificates, and more, Cyberint’s Attack Surface Monitoring module maps out your organization’s external attack surface, including IP addresses, domains, subdomains, cloud storage, and organizations (i.e. trademarked brands).
How intrusive is Cyberint’s external discovery process? When you scan is there any active testing?
The core ASM solution process is passive so it does not actively validate or test any security controls. The discovery process will not give security teams the impression an attack is underway. There is no impact on normal operations.
However we just added a new option, active exposure validation which allows you to take ASM one step further if you wish.
What types of security issues can Cyberint identify in my external digital assets?
The types of security issues we identify are:
- Certificate Authority issues
- Compromised Credentials
- Email Security issues
- Exploitable Ports
- Exposed Cloud Storage
- Exposed Web Interfaces
- Hijackable Subdomains
- Mail Servers In Blocklist
- SSL/TLS issues
How often do you scan for phishing and brand impersonation?
By default, we scan for phishing and brand impersonation weekly. However, we can change this frequency to daily or another interval based on your needs. When our Phishing Beacon is implemented and tracking code is placed on your pages, you get immediate alerts when a page is cloned. This allows us to quickly identify and take down phishing websites before they can cause any harm.
What does the takedown process look like?
Cyberint has an in-house remediation team specializing in takedowns. We have built relationships with a variety of hosting providers, registrars, social media platforms, and app stores around the world, and we have developed standardized procedures with these organizations. When a customer requests a takedown, a form is automatically filled out and sent from a Cyberint email address to the relevant host, specifying the reasons for the request and the risks involved. Our team then monitors the requests, and customers can check the viewed in the “Takedown Requests” dashboard. We can take down phishing webpages, phishing domains, social media accounts, social media posts, pastesites, GitHub repositories, mobile applications, and more.
Are there automated takedowns?
Yes, all our takedowns begin with an automated process of an email from a Cyberint email address to a variety of hosting providers, registrars, social media platforms, and app stores. Once initiated, all takedowns are monitored in a “Takedown Request” dashboard by our analysts for progress.
