Investigations & Forensics

Get the forensic data you need when faced with external threats.

Vigilance Outside the Firewall

Investigations and forensics professionals know the value of accurate, actionable threat data. Having access to data about external threats—web, mobile, social and phishing—and your full attack surface outside the firewall enables you to accurately scope your forensic investigations, monitor digital assets for Indicators of Compromise (IoC), and provide recommendations to block future attacks.

Related Products

RiskIQ and You

Knowing your organization.

With RiskIQ’s Enterprise Digital Footprint, investigations and forensics teams can:

  • Find all web and mobile applications that you own, even the unknown, no matter where they are on the Internet.
  • Identify changes—even subtle ones—that may be Indicators of Compromise on your company’s infrastructure
  • Receive alerts for blacklisted events and identify malware hosted on your company’s infrastructure

Knowing the external threats facing your organization.

With RiskIQ’s External Threat Detection Suite, investigations and forensics teams can:

  • Collect deeper data on external threats, as RiskIQ’s virtual user technology evades detection and IP blacklists by simulating page click-throughs and referred traffic
  • Capture the full DOM to track JavaScript manipulations during user sessions in addition to metadata
  • Integrate with third-party malware analysis services, including VirusTotal
  • Find and confirm unreported phishing pages at unparalleled rates, thanks to RiskIQ’s proprietary machine-learning classification algorithm paired with virtual user technology resulting in more than 95% accuracy in identifying phish

Knowing your attacker.

Analyze a threat actor’s infrastructure to better understand their intentions and capabilities—and how to mitigate them—with RiskIQ’s PassiveTotal threat infrastructure analysis platform. This richer intelligence during incident investigations will help you overcome challenges in discovering and proactively blocking external threats.

External Threat Intelligence

You need tools that provide full visibility into security threats outside the firewall, as well as threat intelligence necessary to investigate and prevent attacks. RiskIQ delivers scalable internet monitoring of external threats as well as threat infrastructure analysis, which helps your team better understand the actors behind those threats.