Deep and Dark Web:

RiskIQ External Threats Module

RiskIQ now offers customers deep and dark web visibility via an API integration with Flashpoint Intel. Through this partnership and integration, data sourced from Flashpoint's monitoring of the deep and dark web forums will seamlessly create custom events in your RiskIQ workspace.

Using this integration Flashpoint monitoring mentions detect your brand names or other keywords of interest in hacker forums. This information can provides visibility into future attacks that are still in the planning stages, while RiskIQ is monitoring for and detecting the recon, setup, and weaponization phases of an attack against your brand or organization on the internet.

The recon, setup and weaponizations phases are when the threat actors sets up their infrastructure and take concrete steps to actually launch the attack in the wild.

This additional deep and dark web context turns previously non-actionable information into something actionable, and with full visibility outside the firewall provided by RiskIQ on the open web, and Flashpoint in the deep and dark web, organizations can now view the full picture of an attack.

If you currently a mutual Flashpoint and RiskIQ External Threats customer contact your RiskIQ Technical Account Manager to let them know you are interested in setting up this integration.

Your organization must have

An active RiskIQ External Threats subscription and an active set of Flashpoint API credentials.


RiskIQ and Flashpoint's customer success teams will work together on your behalf to migrate keywords under monitoring in Flashpoint to RiskIQ’s integration so that results can be viewed directly in RiskIQ External Threats.

Please note if you are not already a Flashpoint customer, the Deep Dark Web Module purchased through RiskIQ External Threats comes with a number of requests for expert translation provided by Flashpoint analysts.

For customers who have existing subscriptions with both RiskIQ and Flashpoint, the use of the integration at no cost does not come with additional translation requests.

Any flashpoint translation requests or RFI hours used will count against your existing Flashpoint subscription total.


If you would like more information on purchasing the deep and dark web module for external threats you can contact your RiskIQ Technical Account Manager. Or call us at 888.415.4447 or email us at