How to Identify Data Leaks on the Internet
For example, a financial institution may register the Bank Identification Number (BIN) of their issued credit cards in the Keyword Monitoring module so that they are constantly crawled across multiple data sources such as chat applications and malicious websites, in order to search for leak of credit card authorization information.
As a setup, the Reports and Alerts module gathers the evidences and notifies the users via email, as well as allowing them to view the graphics on TV mode for real-time monitoring by the security team.
From this search, the Integration module can send to the financial institution, through an API, the numbers of leaked credit cards that must be canceled.
How to act during an incident
For example, a company in the Telecom sector that is under DDoS attack may use the Integration module to collect information from equipment and/or security vendors of IP addresses that are being used to cause attacks.
Through a specific action, the owner of this IP is notified by the module Report Abuse together with the evidence of the identified occurrence, requiring the necessary action to be implemented to avoid the use of such IP addresses in malicious attacks.
In some cases, the action may also rely on the Takedown module to blacklist and block such IP address, allowing greater autonomy for the Telecom company.
Creating Preventive Routines
For example, the External Monitoring module captures data from public applications that identify anomalies in a carrier's network infrastructure.
As defined, the Reports and Alerts module gathers this evidence and notifies the user by SMS and e-mail to all security professionals.
Thus, the carrier network can scale the new procedures by the module Incident Control, where it occurs.