RepKnight adds dark web monitoring to top 3 SIEM vendors

04 Jun 2018

Today RepKnight announced the integration of its BreachAlert dark web monitoring platform with Splunk, IBM QRadar, and LogRhythm.

Gartner’s current Magic Quadrant for Security Information and Event Monitoring (SIEM) listed these vendors as the top three in the industry, with the market worth US$2 billion annually.

According to RepKnight, what the integration effectively means is that customers of these vendors will now be able to receive BreachAlert notifications directly into their core security operations centre platforms and correlate dark web data with in-house network activity.

The company says this integration couldn’t come soon enough, as the aforementioned Gartner report also asserts that “organisations are failing at early breach detection, with more than 80% of breaches undetected by the breached organisation.”

RepKnight CEO Jeremy Hendy says the reason for this is simple – the company believes that less than 1 percent of organisations are currently monitoring for leaked data outside their network.

“Large organisations invest a lot of resource to prevent data breaches from their own networks. But that doesn’t help detect breaches of corporate data that’s already outside the firewall — sitting on the networks and endpoints of thousands of their clients, suppliers, and business partners,” says Hendy.

“It only takes one of those third parties to suffer a breach, and highly sensitive information can rapidly propagate onto dump sites, forums, and dark web marketplaces — often with disastrous consequences to your reputation.”

Hendy says what sets BreachAlert apart from other threat intelligence feeds is that it searches for targeted data specific to the organisation, like corporate email credentials, client lists, IP addresses of critical infrastructure, or keywords relating to brand, product or app names. Furthermore, the SIEM integration allows the data to be automatically correlated with in-house activity.

“RepKnight’s vision is to look after your data, not just your network. Our BreachAlert SaaS platform makes it easy for organisations of any size to proactively monitor for their data being leaked online,” says Hendy.

“For our larger customers, integrating BreachAlert feeds into their SIEM platform is a natural step. As well as simplifying their incident response workflow, the integration allows dark web activity to be correlated with what’s happening inside the network.”

According to RepKnight, many attacks on businesses begin with compromised login credentials, which often result from hacks of a third-party website that an employee has signed up for with their work email address and a reused password.

Its BreachAlert platform has been designed to allow staff or client login credential leaks to be addressed as soon as possible by providing live feeds of compromised credentials directly into the SIEM, in addition to an interactive historical database of more than 6 billion compromised credentials.

The solution scans the dark web and hundreds of other paste, dump, and bin sites used by cybercriminals to exchange, buy and sell corporate data, and alerts customers in real time as soon as their data appears on the dark web.