Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

9/27/2018
01:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Digital Shadows Launches Shadow Search

Service enables organizations to 'self-serve' and find cyber threats against them from the open, deep and dark web

Digital Shadows has today announced the availability of Shadow Search –- providing security analysts with a search tool to make better, more informed, and faster decisions to protect their organization from cyber threats.

Previously available as a key feature within Digital Shadows core SearchLight, Shadow Search is now available as a subscription-based service on its own for teams who want to self-serve looking for threats from the open, deep, and dark web.

Shadow Search delivers threat insight with context through:

Immediate access: instant access to strategic, tactical and technical threat intelligence via a single intuitive interface.

Extensive coverage: a data repository including curated strategic threat intelligence, exploit and vulnerability information, and raw threat intelligence from the open, deep, and dark web.

Actionable information: accurate results with associated observables, an intuitive interface and full export, allowing analysts to make faster searches and more rapid use of the intelligence they find.

Relevant results: smart filters and a powerful search syntax enable analysts to rapidly focus on the most relevant information.

For the last seven years, Digital Shadows has amassed a collection of historical, evolving and real-time threat intelligence assets, and enabled access to complimentary expert security sources. Shadow Search provides subscribers with access to this data and the ability to better manage their third-party risk, investigate security incidents, monitor trends and enrich threat hunting of client-specific indicators and threat actors jeopardizing their business, brand and reputation.

Alastair Paterson, CEO of Digital Shadows explains: "For the last six months, existing SearchLight customers have been using Shadow Search to ‘self-serve’ and discover for themselves the array of threats on the criminal web that are lined up against them. Threats they have uncovered include malicious domains, compromised data and criminal 'chatter' directed against their organization. Many have also discovered evidence of accidental data loss. Shadow Search empowers organizations to mitigate these threats. Making it available as a standalone product will greatly enhance the breadth of organizations that can take advantage of the unique insight only Digital Shadows can bring to them."

In July 2018, Digital Shadows was named a "Leader" in The Forrester New Wave: Digital Risk Protection, Q3 2018 and a differentiated rating in nine criteria including: Web risk protection, dark web recon, digital risk analysis and review, business attribution & asset mapping, dashboard & UI, DRP breadth & depth, vision and execution, global reach & analyst support and thought leadership & strategic partnerships. In this digital risk protection evaluation, the report remarked that "Customers extol Digital Shadows for its robust digital risk data and ability to deliver on an aggressive product road map, citing a new queryable deep and dark web search feature as evidence."

Nick Hayes, lead Forrester analyst of the report, wrote: "Digital Shadows keeps getting closer to an all-in-one solution to monitor and mitigate external risk exposure online. Its rich partner ecosystem, including security technology vendors, regional legal services, and law enforcement, adds further value for all customers."

For more details on Shadow Search and for a free seven day trial please visit https://info.digitalshadows.com/test-drive-registration.html

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Aviation Faces Increasing Cybersecurity Scrutiny
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/22/2019
Microsoft Tops Phishers' Favorite Brands as Facebook Spikes
Kelly Sheridan, Staff Editor, Dark Reading,  8/22/2019
Capital One Breach: What Security Teams Can Do Now
Dr. Richard Gold, Head of Security Engineering at Digital Shadows,  8/23/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-6154
PUBLISHED: 2019-08-23
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
CVE-2019-5594
PUBLISHED: 2019-08-23
An Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated attacker to perform a reflected XSS attack via the search field in the webUI.
CVE-2019-6695
PUBLISHED: 2019-08-23
Lack of root file system integrity checking in Fortinet FortiManager VM application images of all versions below 6.2.1 may allow an attacker to implant third-party programs by recreating the image through specific methods.
CVE-2019-12400
PUBLISHED: 2019-08-23
In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this im...
CVE-2019-15092
PUBLISHED: 2019-08-23
The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class.