RiskIQ External Threat Management, Detection, Mitigation | RiskIQ

RiskIQ External Threats™

Detect and Respond to Digital Threats Across Web, Social, and Mobile Channels

Read the Datasheet

What are External Threats?

External threats are malicious campaigns and threat actors that attempt to exploit security exposures in your attack surface that exist outside the firewall. All organizations with a digital presence are exposed to external threats by attackers who attempt to impersonate your brand and official communications channels on the internet, social media, and through mobile apps.

Successful exploitation of external threats through phishing sites, fake mobile apps, imposter social media profiles, and domain squatting allow threat actors to steal customer or company data, distribute malware, divert user traffic, or otherwise exploit trust in your brand.

The RiskIQ External Threats solution sets, covering domains, mobile, social, and anti-phishing exposures, enables security teams to detect and respond to these threats as they appear in the wild, mitigating the impact that they have on your brand and customers. By combining the largest internet data sets available with the most comprehensive monitoring of digital channels, RiskIQ enables effective digital threat management.

External Threat Solution Sets



  • Find domains across the internet that include your official domain or branded terms, or are confusingly similar, such as misspellings
  • Find subdomains that include official branded terms or that are confusingly similar, such as close misspellings
  • Initiate takedown requests with hosting providers




  • Monitor over 20 million apps in 150 app stores around the world
  • Find fake mobile apps claiming to represent your brand or products
  • Locate old or modified versions of your official apps that expose users to increased risk and vulnerabilities
  • Pinpoint unapproved download locations for official mobile apps
  • Submit takedown requests directly to app store platforms and developers




  • Monitor Facebook, Twitter, LinkedIn, Instagram, Google+, YouTube, and Pinterest for threats
  • Find social media accounts impersonating or spoofing official brand accounts, employees, or executives
  • Request takedown of unauthorized accounts and profiles that are imposters or in violation of company social media policies




  • Proactively find web pages impersonating your organization to deceive users and obtain sensitive information
  • Automatically scan and crawl suspected phishing emails from your internal and external-facing abuse boxes
  • Automatically submit confirmed phishing pages to block visitors from 95% of web browsers through Google Safe Browsing and Microsoft SmartScreen


How does RiskIQ External Threats work?

RiskIQ External Threats™ uses virtual user technology as it crawls the internet, experiencing websites, social media profiles, and mobile apps just like a real user does. Our virtual users visit websites from thousands of IP addresses originating from around the world, using different browser and device types. This technique evades detection from advanced threat actors who are watching for automated crawling technology.

Sophisticated analysis, detection techniques, and fine-tuned policy controls turn a sea of data into discrete, actionable events and workflows that reduce your digital risk and eliminate threats. Utilizing in-app mitigation, correspondence, and takedown capabilities, security teams can block threats and submit them directly to the platform that is hosting the threat, shutting down threats targeting your customers and employees.

Ovum Report—On The Radar: RiskIQ provides external digital threat defense

Critical Capabilities for Detection and Response to External Threats

Your organization needs to understand attack vectors used against your organization and customers, like phishing, brand use in third-party domains and subdomains, rogue mobile apps, and social media impersonation. This information helps your security teams respond quickly and remove the threats as they’re detected.

RiskIQ uses virtual user technology to detect threats and experience them like a real user does, allowing you to accurately detect, monitor, enforce, and report on digital threats.


detection The internet is a big place and offers criminals lots of room to hide, which makes it easy for anyone to spin up a website or register a cheap domain and pretend to be you. External Threats helps your organization detect these threats and:

  • Find those responsible before it’s too late to preserve customers’ trust in your brand and legitimate services in digital channels
  • Know how safe your customers are or are not by having visibility into what their online experience is like
  • Understand how you appear in the wild, and the content associated with you that customers encounter online


monitoring As new digital threats are found, security teams must be alerted to them in an easy-to-see, prioritized way. External Threats provides security teams and incident responders with:

  • Sorting, filtering, and scoring, which allow users to prioritize the most urgent threats for immediate attention
  • Presentation of all essential information in a single, actionable event summary to facilitate efficient review
  • Seamless collaboration with teammates to prevent duplicated efforts or tasks falling through the cracks
  • Built-in workflow actions to immediately mitigate threats, seek feedback from teammates, mark as potentially suspicious, and automatically monitor and alert on future changes


enforcement Once threats are detected and confirmed, teams must mitigate them as quickly as possible.
To do that, External Threats provides:

  • Automatically generated, customizable enforcement requests to appropriate parties at the push of a button
  • Simultaneous enforcements of  related incidents for efficient action
  • Tracking of all correspondence and message threads in a single screen
  • Enforcement performance metrics, replies, and automatic reminder and follow-up notices for unresolved issues
  • Continuous monitoring to alert when enforced threats have been successfully remediated, and post-resolution monitoring for tenacious threats that pose recurring risk to the organization


reporting Organizations with compliance controls in place need accurate reporting on the existence of digital threats and the mitigation efforts to resolve them. External Threats tracks these and provides:

  • Intuitive dashboards and drill down reporting for current threats and overall state of affairs, tracking trends and benchmarking performance and risk over time, and detailed incident breakdowns by type, brand, status, and other attributes
  • Exportable and interoperable data that can be exported to CSV or accessed via our REST-based API

Dive Deeper into the External Threats Solution Set

Learn more about the individual threat types that make up the External Threats solution set:

Domain Threats
Mobile Threats
Social Threats
Phishing Threats