See it Live: How RiskIQ Host Pairs Confirm the Lazarus Group Attacks
Get vast internet data sets and advanced analytics to hunt digital threats and defend your company’s digital footprint.
Get RiskIQ Community Edition
Malvertising increased 132% in 2016… Download RiskIQ’s 2016 Malvertising Report to see a breakdown of how threat actor methods are trending.
Get the Report
RiskIQ Best Practices Forum – Get the Most Out of Your RiskIQ Investment
Join us in San Diego April 11-13.
What is Outside the Firewall? Learn more about Outside the Firewall, why it matters to every company’s security program and the right questions to ask when securing your enterprise digital footprint Outside the Firewall.
Outside the Firewall refers to a company’s or brand’s digital assets–web, mobile and social–that exist beyond the perimeter and safety of the firewall. Thanks to the increase in third party code and other web components, the rise of mobile apps and increased adoption of social networks to communicate with customers, customers now interact with companies and brands, sharing their data beyond traditional security control of the firewall.
What is an enterprise digital footprint? Find out what an enterprise digital footprint is, and how you can find out what yours looks like.
Simply put, an enterprise digital footprint is the discovery and inventory of all web, mobile and social assets associated with your organization, spokespeople and executives. As the digital assets that make up your footprint are external facing customer and partner touchpoints, they use your brand to reinforce your brand’s promise and message. Threat actors are taking advantage of organizations’ brand equity to create unknown, malicious digital assets outside the firewall to attack organizations and their customers. With RiskIQ’s Enterprise Digital Footprint, you can discover the unknown and rogue assets within your digital footprint, bring them under policy and monitor these assets for changes.
Who are virtual users and what do they do? Understand a core technology that differentiates RiskIQ from a threat data feed and how RiskIQ is able to capture the full extent of external threats, by evading bot blockers used by adversaries.
RiskIQ’s technology goes beyond simple crawling to emulate real user activity. By varying browsers, click pattern and time on page, our virtual users behave exactly as a human online user would, enabling our technology to continuously monitor while evading anti-malware detection systems. The virtual users are launched from a constantly evolving global web and mobile proxy network with more than 520+ egress points in 40+ countries.
RiskIQ’s virtual users automatically discover and inventory websites, online ads and mobile apps that are legitimately or fraudulently linked to a company or any of its brands. By serving as potential targets for threat actors, these virtual users are able to evade anti-security measures to capture the full Document Object Model (DOM) data. With this data, RiskIQ’s threat researchers and customers can recreate the captured digital asset, including any threats to better understand, and ultimately defend against, these threats.
What are points of egress? Points of egress are the network points where RiskIQ’s virtual users start browsing the web. Learn how the more than 520 points of egress enable RiskIQ to provide global coverage from its virtual users.
At its core, egress is the point at which network communications goes out. With more than 520 points of egress, RiskIQ is able to ensure that its virtual users represent a broad cross section of internet users on both web and mobile platforms. The number of egress points also enables RiskIQ’s virtual users to evade detection by adversaries.
Does RiskIQ provide custom data services? Understand why RiskIQ’s technology goes beyond the services of a threat feed.
RiskIQ offers customized data delivery to advanced security organizations. This data contains actionable insights and context, as the raw data collected by RiskIQ’s virtual users has been enriched with meta-data. Advanced security organizations can consume this data through three analysis pipelines:
By storing raw and pipeline-tested, virtual user-collected data in a normalized format, integrated applications can quickly access the data. Product owners can focus on delivering on business requirements instead of finding resources to collect and structure data. With dozens of pre-built facets and search, pivoting around the data is easy.