Explore the Cyberint remediation lifecycle across risk categories
Common Phishing Use Cases:
- Phishing websites
- Look-alike domains
- Phishing kits
- Phishing e-mail campaigns
Discover: Phishing threats are found through picture detection algorithms, as well as source code detection, company assets in URLs and look-alike domains.
Analyze: Assessing the viability of the phishing threats by checking the activity of the suspicious site. In addition, further investigation is provided to validate each phishing incident.
Remediate: The customer receives an alert in real-time regarding the phishing threat on their organization. After validation, the customer can issue a takedown request to mitigate the threat.
Common Brand Abuse Use Cases:
- Social media impersonation (Company & VIP)
- Website impersonation
- Mobile app impersonation
Discover: Social Media impersonation threats are discovered utilizing detection of similar account names (company, executive, product, etc.), as well as logo infringement.
Analyze: Making in-depth assessments on whether the similar page is of malicious or illegal intent. Further investigations about a suspicious account are done for a comprehensive intelligence picture.
Remediate: The customer receives an alert in real-time regarding the impersonation threat on their organization. After validation of the threat, the customer can initiate a takedown request or launch an additional HUMINT & OSINT investigation.
Common Attackware Use Cases:
Discover: Scraping and crawling data from various ransomware groups’ underground websites.
Analyze: Detection of exposed sensitive information belonging to the organization or to its third parties, containing confidential documents, credentials, sensitive data, etc. Deeper analysis and enrichment are available via automated forensic tools.
Remediate: The customer receives an alert in real-time regarding the ransomware attack. In case of a direct attack on the organization (rather than a third party), the issue is escalated with the highest priority. Further WEBINT/HUMINT investigation can also be conducted.
Common Fraud Use Cases:
- Refund/coupon
- Insider threat
Discover: Gift card details that are exposed and/or offered for sale on various sources, such as underground marketplaces and dark web forums, social media platforms, etc.
Analyze: Assessing the validity of the threat and the current relevance to the customer.
Remediate: The customer receives an alert in real-time regarding the exposure. After validation of the threat, the customer can cancel the card and alert the cardholder accordingly.
Common Data Leakage Use Cases:
- Employee/customer credentials
- Exposed code
- Confidential docs
Discover: Exposed employee credentials are discovered through malware logs, breached databases, exposed code, confidential documents, etc.
Analyze: Assessing the validity and risk level of the specific exposure and identity of the employee that was affected. Further enriching analysis via automated forensic tools.
Remediate: The customer receives an alert in real-time regarding the exposure. After validation of the threat, the customer can reset all relevant passwords, as well as conduct further investigations to understand the source of the exposure.
Common Vulnerabilities Use Cases:
- Exposed cloud storages
- Exposed internal environments
- Open ports
- Vulnerable technologies in use (CVEs)
Discover: Discovery of various cloud storage buckets that have similar characteristics to the organization and/or that contain documents that are related to the organization (e.g., third-party buckets).
Analyze: Validating whether a specific bucket is connected to the organization in any way and contains sensitive information. In addition, the analysis also includes identifying misconfigurations within the buckets.
Remediate: The customer receives an alert in real-time regarding the exposed cloud storage. The customer mitigates the issue internally, and in case the bucket belongs to a third party, further investigation is possible to identify the owner of the bucket and mitigate the issue accordingly.