What’s the Dark Web Monitoring about?
Dark Web Monitoring tracks the leaked credentials, which are typically found in data dumps and other lists on the dark web and pose a critical risk to employees and businesses if they go unchecked. Guardz scrapes and analyzes sources that monitor the dark web for malicious activity targeting businesses and users. We’re analyzing the domains related to the company. Once we find leaked credentials, we’ll surface it as a high-severity issue.
Once the user completes the initial signup, the feature of Dark Web Monitoring will be active and the scan will start based on the company domain name.
Dark Web Monitoring Capabilities
Guardz will scan different sources, including the dark web, to find leaked credentials.
Here are some of them:
Pastes
Darknet: Tor
Darknet: I2P
Whois
Usenet
Leaks, COMB
Bot Logs
WikiLeaks
Dumpster
Sci-Hub
Public leaks
Public web
💡 Note: Only the organization admin will have the ability to view leaked users' passwords.
Dark Web Monitoring - Issue Types and Remediations
Issues related to Dark Web Monitoring will deal with leaked credentials of your users and will offer remediations to fix it.
There is only a single issue opened for all leaked credentials that aggregate all the impacted users and lists the relevant details.
Not all issues are related to a specific Guardz user, as some email addresses are old / cannot be attached to a Guardz user.
Guardz cannot be sure which system or vendor the affected emails (and leaked credentials) are associated with, therefore, the reset password will take place in the primary vendor.
FAQ Dark Web Monitoring
Question: How often does the dark web perform the scan?
📍Answer: The Dark Web monitoring runs automatically on a weekly basis