New DarkIQ features can provide an ‘early warning’ of cyber attacks
Searchlight Cyber has released new features as part of its DarkIQ platform, enabling live monitoring of dark web traffic.
This unique capability not only gives users the ability to collect dark web data to help investigate threats, but also to anticipate and stop cyber attacks before they cause damage.
Anticipating and stopping cyber threats before an attack is launched significantly reduces both their impact and their cost.
Tor network monitoring with a twist
DarkIQ offers companies the ability to monitor traffic between their own infrastructure and Tor in both directions.
Traffic traveling from the dark web to the business can provide insight into hackers trying to access data or install malware. Traffic traveling outbound from the company to the dark web could indicate that employees are using the dark web, that hackers have already compromised a corporate network, or that data is being extracted from corporate systems and uploaded to the dark web.
The latest improvements to the Dark Web Monitoring system include: improved granularity, allowing your cybersecurity team to see detailed information about connections to and from the dark web, including how much data is being transferred; new visualizations that help security teams identify threats through data analytics; and traffic splitting that divides incoming and outgoing traffic to enable more efficient threat identification.
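The direction split and per-connection data volumes described above can be illustrated with a short sketch. This is an added example, not DarkIQ code or anything published by Searchlight Cyber; the relay addresses, flow records, corporate range and upload threshold are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: documentation-range addresses stand in for Tor relays.
TOR_RELAYS = {"203.0.113.10", "203.0.113.77", "198.51.100.5"}
CORPORATE_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumed internal range

# Constructed one-way flow records: (source IP, destination IP, bytes sent).
FLOWS = [
    ("10.1.2.3", "203.0.113.10", 48_000_000),
    ("10.1.2.3", "203.0.113.77", 9_000_000),
    ("203.0.113.10", "10.0.0.20", 1_200),
    ("10.4.4.4", "192.0.2.50", 500_000),  # destination is not a relay: ignored
    ("198.51.100.5", "10.0.0.20", 800),
    ("10.9.9.9", "198.51.100.5", 4_096),
]

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CORPORATE_NETS)

def split_tor_flows(flows, relays=TOR_RELAYS):
    """Sum bytes per internal host, split into outbound (host -> Tor)
    and inbound (Tor -> host) traffic."""
    totals = {"outbound": defaultdict(int), "inbound": defaultdict(int)}
    for src, dst, nbytes in flows:
        if is_internal(src) and dst in relays:
            totals["outbound"][src] += nbytes
        elif src in relays and is_internal(dst):
            totals["inbound"][dst] += nbytes
    return totals

def triage(totals, upload_threshold=10_000_000):
    """Rank findings: large uploads to Tor first (possible data extraction),
    then the remaining hosts by volume. The threshold is an assumed value."""
    findings = []
    for host, n in totals["outbound"].items():
        label = "large-upload-to-tor" if n >= upload_threshold else "outbound-tor-use"
        findings.append((host, label, n))
    for host, n in totals["inbound"].items():
        findings.append((host, "inbound-from-tor", n))
    return sorted(findings, key=lambda f: (f[1] != "large-upload-to-tor", -f[2]))

if __name__ == "__main__":
    for host, label, n in triage(split_tor_flows(FLOWS)):
        print(f"{host:12} {label:20} {n:>12,} bytes")
```

In practice the relay set would come from a current Tor relay list and the flows from NetFlow or firewall logs, which changes only the two inputs to `split_tor_flows`.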
“Dark web traffic between Tor and the corporate network is a highly reliable data point for identifying malicious activity, and we have seen firsthand how organizations have used it to identify cyber attacks and take preventive action before any damage is done,” said Dr. Gareth Owenson, CTO of Searchlight Cyber.
“However, this is dependent on them firstly understanding traffic and secondly having the data points they need to determine where to start their investigation. The improvements we’ve made to our Dark Web Traffic Monitoring feature provide our customers with even more context so they can assess exactly what malicious activity is happening and what actions to take.”