At RiskIQ, our core mission is to help businesses expand to the cloud, SaaS, mobile, and social channels so they can boost visibility and interaction with their customers while being protected from the ever-growing cyber threat landscape outside their firewall. That’s why we were thrilled to participate in The Forrester Wave™: Digital Risk Monitoring, Q3 2016, which we believe has not only established an essential new business category but also ensures that cyber security outside the firewall is now table stakes for CISOs.
As the only company that monitors digital risk across all channels, we're proud to announce that Forrester Research recognized RiskIQ as a Leader in this category-defining report. The independent research firm, which evaluated nine different companies based on 27 criteria such as “Data coverage,” “Risk monitoring and remediation” and “Corporate strategy and vision”, gave our External Threat Management Platform the highest scores for Current Offering and among the highest scores for the Market Presence categories. We believe that these scores validate our fundamental philosophy that traditional layered cyber security that focuses solely on detection behind the firewall is not sufficient, and needs to change.
Many of the risks in the digital landscape are still emerging as cyber threat actors find increasingly clever ways to exploit these blind spots, and the rise in popularity of technologies like IoT and augmented reality further blur lines between digital and physical worlds. Today, InfoSec must go beyond setting up and protecting a perimeter, to a place traditional cyber security tools provide little to no visibility or protection.
Our Takeaways Regarding Current Offering
Forrester specifically recognized RiskIQ for providing “the broadest coverage of social, mobile, and web data.” According to Forrester, we cover “a practically endless list of digital channels to provide customers a comprehensive digital system of record.”
Our network of crawlers, sensors, and proxy users works as an emulated human user with a fully instrumented browser and algorithms to simulate human-like mouse movements and click behavior. When these crawlers process a customer's web pages, they take note of details like links, images, and dependent content so that cyber security teams can reconstruct an event and what led to it—just like a detective might do at a crime scene.
Beyond that, we monitor official and unofficial mobile app stores across the world, and, according to Forrester, are one of the only participants of the Wave that includes malvertising—including Facebook’s ad ecosystem.
Our Takeaways Regarding Data Coverage
We believe that this position highlights our unique ability to enrich the data that cyber security analysts have from within their network—data center logs, network traffic analysis, and user behavior—with external data, such as Passive DNS, WHOIS, and Newly Observed Domains. We find cyber threats first using the internet as a sensor and then using automation to inform the corporate network to block cyber threats, thereby freeing up resources and increasing the cost to cyber attackers to launch further cyber attacks.
Our Cyber Threat Detection Suite leverages a complete source of real-time internet datasets and machine learning and analytics to generate truly predictive results. With thousands of customers and processing petabytes of internet datasets daily, we’re a pioneer in expanding the reach of the cyber security program to prevent cyber attacks.
Our Takeaways Regarding Digital Governance
In the past, many companies struggled with Digital Risk Monitoring because of weak or incomplete products. Our Cyber Threat Detection Suite fulfills a unique function that complements and enhances the other tools in a cyber security stack, consolidating point solutions into a single screen.
By finding and indexing all an organization’s internet-exposed assets, we integrate visibility into your external digital attack surface with the data and capabilities provided by traditional cyber security tools, including SIEMs, firewalls, endpoint cyber security solutions, and vulnerability scanners, and GRC Platforms.