Dark web monitoring specialist RepKnight has released an application programming interface (API) for the enterprise edition of its BreachAlert dark web monitoring tool, supporting integration with security information and event management (SIEM) and IT service management (ITSM) platforms.
BreachAlert scans the dark web and other paste and dump bin sites used by cybercriminals to buy and sell corporate data. The platform works like a burglar alarm — alerting customers in real time as soon as their data appears on the dark web. Fully cloud-hosted, it requires no on-site installation, and can be configured by customers in minutes.
The newly released REST API enables security analysts to quickly add dark web monitoring to SIEM platforms in their security operations centre (SOC), providing a real-time feed of external malicious activity targeted at their organisation.
Unlike generic threat intelligence feeds, BreachAlert enables security teams to configure searches around specific keywords, domains, and IP addresses, providing instant warning if cybercriminals are discussing the customer's applications or infrastructure on the dark web, or if compromised staff credentials appear in paste, dump and bin sites.
RepKnight EVP of sales and marketing Jeremy Hendy said: "With GDPR just a month away, it's never been more important for businesses to monitor outside their company's perimeter for data that's being hacked, leaked or sold on the dark web.
"No company — large or small — is immune to the threat of the dark web, and the majority of organizations are not even aware of how much of their data is outside the firewall. BreachAlert provides a simple dark web monitoring capability to alert them in real time if data about their company or clients is leaked. Our new API further streamlines monitoring for larger organisations by providing greater efficiency, automation and easy integration with existing security platforms."