Case Study - Exposing Compromised Assets
See how ThreatPipes is used to expose weak links in your organisation that attackers can leverage.
The easiest way in through the front door, so to speak.
Many attackers will often attempt to compromise users accounts in order to gain access to your network.
ThreatPipes can be used to gather intelligence from the internet and dark web to show you employees susceptible to being exploited.
Days of reconnaissance work can be automated to a matter of minutes.
Analysing an organisations domain, ThreatPipes can uncover email addresses matching that domain, if those accounts are known to be linked to personal email addresses, what external accounts that person has signed up to, if those external accounts have had their passwords leaked, and so on.
You’d be surprised how many employees are exposed by ThreatPipes for signing up for social media accounts, e-commerce accounts, and yes, dating sites using their work email – I’ve seen this sensitive data be used to blackmail users before!
How many breaches from these types of services has there been recently?
Answer: Too many.
ThreatPipes will also uncover any known software an organisation uses in its reporting.
See where I’m going with this?
An attacker could take a compromised password and try it against software the company uses. No one reuses passwords, right?
And that’s just one attack vector.
ThreatPipes scan can be used to reveal a lot of information about a target. With over 150 modules (and counting) to extend ThreatPipes intelligence gathering capabilities, weak user accounts represent a small footprint of the potential weak links in your network it can expose.
Though without context, this information can be overwhelming
That’s why ThreatPipes curates the intelligence in useful reports, identifying the most critical issues based on complex relationships in the data discovered.
If credentials have been leaked to multiple leak sites, like haveibeenpwned or Pastebin, and these leaks are actively being discussed on the darkweb, ThreatPipes will assign a high risk score allowing you to prioritise the most severe threats first.
And it doesn’t stop with the first scans. New data breaches are increasing in volume.
To make sure you know if any of these leaks could effect your organisation, ThreatPipes will monitor assets over time. When a new breach is found containing a monitored asset, you’ll be the first to know.