PORTSMOUTH, UK & WASHINGTON DC, US – Monday October 23, 2023
Searchlight Cyber, the dark web intelligence company, has released enhancements to its unique Dark Web Traffic Monitoring capabilities, a key feature of its dark web monitoring solution, DarkIQ. These enhancements arm cybersecurity professionals with deeper insight into dark web traffic to and from their network, alerting their organization to potentially malicious activity and the possibility of an attack in preparation or in progress.
Searchlight’s Dark Web Traffic Monitoring feature in DarkIQ is unique in its ability to deliver data on the connections between an organization’s infrastructure and the dark web network, The Onion Router (Tor). Live traffic data can provide organizations with early warning to a potential cyberattack, while historic traffic data stored in the platform can be used by threat intelligence and incident response teams to investigate an incident.
For example, dark web traffic from Tor to the company network can indicate:
- Threat actors probing the company network for vulnerabilities.
- Malware installation, especially if it is a large data packet.
While dark web traffic to Tor from the company network can indicate:
- Employees browsing the dark web, putting their organization’s infrastructure at risk.
- That a command and control beacon has been established by hackers that have already compromised the network.
- Data exfiltration, especially if there is a large amount of data leaving the corporate network.
Dr Gareth Owenson, CTO of Searchlight Cyber said: “Dark web traffic between Tor and the corporate network is a very reliable datapoint for identifying malicious activity, and we have seen first hand how organizations have used it to identify cyberattacks and take preventative action before any damage was done. However, this relies on them firstly having visibility into the traffic, and secondly having the data points they need to identify where to start their investigation. The enhancements we have made to our Dark Web Traffic Monitoring feature provide our customers with even more context, to help them assess exactly what malicious activity is taking place, and the best mitigative actions they can take.”
The latest enhancements offer Searchlight Cyber customers the following advantages:
- Enhanced granularity: Even more data on dark web traffic, including detailed information on package sizes and the number of connections from the dark web, empowering security professionals to identify anomalies.
- New visualizations: Making it easier for cybersecurity experts to dissect and analyze data from multiple angles, enhancing their ability to identify and respond to threats effectively.
- Traffic splitting capability: The ability to segment data by incoming and outgoing traffic, simplifying the identification of potential threats and unusual patterns.
Dark Web Traffic Monitoring is available to all DarkIQ customers. For more information click here.
About Searchlight Cyber
Searchlight Cyber provides organizations with relevant and actionable dark web intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.