RiskIQ PassiveTotal®

Security intelligence that scales security operations and response

Base Editor

Overview

RiskIQ PassiveTotal aggregates data from the whole internet, absorbing intelligence to identify threats and attacker infrastructure, and leverages machine learning to scale threat hunting and response. With PassiveTotal, you get context on who is attacking you, their tools and systems, and indicators of compromise outside the firewall—enterprise and third party.

Rapid Threat Investigations

Investigation can go fast, really fast. Find answers quickly with over 4,000 OSINT articles and artifacts. Along with 10+ years of mapping the internet, RiskIQ has the deepest and broadest security intelligence on earth. By absorbing web data like Passive DNS, WHOIS, SSL, hosts and host pairs, cookies, exposed services, ports, components, and code. With curated OSINT and proprietary security intelligence, you can see everything—from every angle—on the digital attack surface.

Curated OSINT Indicator Analysis

Risk-based, Tailored Watchlists

Neutralize Attacker Opportunities

With an unmatched view of all internet data, along with 10+ years of history and 200+ mapped connections, ports, services, and threat systems, RiskIQ PassiveTotal delivers security intelligence with line-of-sight and easy pivots to find and eliminate threats; before exposures turn into exploits. And to make threat investigations easier, RiskIQ gives you Article Cards with associated indicators actively linked for one-click pivot and search.

Attack and Attacker Infrastructure

Pre-built Threat Indicators and Search

Scale Threat Hunting, Automate Response

It’s hard to scale and automate security programs without adaptive, timely threat intelligence. Enrich tools and workflows with PassiveTotal’s unmatched security intelligence. RiskIQ world-renowned internet datasets are woven into over 50 of industry-leading security vendors products and services—adding context, insights, automation and downstream integrations with your trusted response process and systems.

Full Scale,
Flexible APIs

Alliances, Integrations

Attackers have nowhere to hide.

Automated Data Assembly

Tailored Watchlists

Threat Intelligence, Attribution

Security Integrations

A single, unified view gives them insights to find exposures, hunt threats, automate investigations, and collaborate to fortify their knowledge and skills.

Reimagine security intelligence by distilling more than 2,000 IOCs and articles, curated and continuously updated to remove noise and spotlight the signal.

Pinpoint attackers—inside and outside the firewall. Shutdown attackers looking for Telnet, RDP, exposed ports, and even compromised third parties.

Precision integrations combine with RiskIQ’s deep data sets to redefine incident response by infusing security intelligence into SIEM, SOAR, EDR, workflows with tailored insight.

Five Ways Hackers are Targeting Organizations

Analysis of an Attack Surface

The boom in internet-exposed assets from a decade of digital transformation, and accelerated by a seismic shift to a remote workforce in response to COVID-19, can make protecting your enterprise's digital attack surface feel overwhelming. Today, organizations are responsible for defending not only their internal network but also their digital presence across the internet and the cloud.