- November 16, 2021: Added navigation instructions for the Continuous Monitoring application.
- January 26, 2021: Disclaimer; Feature screenshot.
- February 15, 2017: Published.
Dark Web is a portfolio-level feature that allows you to browse any mentions of Bitsight-rated companies that are made by potential threat actors. Dark Web data is collected from selected social media platforms, hacker sites, forums, and paste sites.
This feature allows you to:
- Check if a specific third party is frequently mentioned and view potential risks.
- Check for potential hacks that are discussed or for any shared information within a specific industry.
- Check if your company is mentioned and assess the potential risks.
In order to use Dark Web, your organization's Admin will need to contact Bitsight Support to have it enabled. Once enabled, any user in your Bitsight account will have access to it.
- Dark Web Mentions
- Using Dark Web
- What information is included in a Dark Web mention?
- Special Considerations for Dark Web Data
Dark Web Mentions
Because data verification is an important part of ensuring high-quality ratings and grades, the Dark Web feature is purely informational and does not affect a company's security rating.
Dark Web communications are mentions of organizations in selected mediums by potential threat actors. Bitsight cannot confirm the identities of the comment authors, and does not represent that such statements constitute actual intent to do harm. By clicking "Continue", (i) you acknowledge that Bitsight is not responsible for the contents of such messages and will have no liability to you or any third party with respect to such information and (ii) agree that the information is made available to you solely for your internal business purposes related to third-party risk assessment of actual and potential business partners, benchmarking of your own risk assessment and, to the extent you are an insurance carrier, reinsurer or broker, identifying and measuring risk associated with underwriting cyber liability, and any other restrictions on use set forth in any other agreement you have with us. If the communications include personal data of your employees, please ensure you notify them regarding the fact that this data is being shared by threat actors.
Using Dark Web
Use the search bar to search for specific companies or by specific keywords. Dark Web mentions are limited to companies within your portfolio by default, to deliver relevant information. To see information about companies that are not in your portfolio, uncheck the “See Portfolio Only” checkbox in the upper-right corner of the search results.
- Filter mentions by industry to see whether there are any industry-specific trends.
- Filter by the language of the contents, and translate text to English.
What Information is Included in a Dark Web Mention?
Each mention includes the following information:
- Date in which the mention was posted.
- Source of the mention (e.g., Nulled Hackers Forum or Hansa).
- Companies the mention is likely linked to.
- Message contents.
Special Considerations for Dark Web Data
- The process of associating mentions to companies is complex and may lead to mentions that are being mistakenly associated to companies or the association may not have enough granularity to, for example, relate mentions to subsidiaries.
- Dark Web mentions often contain personally identifiable information like credit card numbers, social security numbers (SSN), emails, and other sensitive information. In order to protect sensitive information, we redact all the aforementioned data.
- Visiting links that are contained in the text can represent a security risk, as they might be clickbaits that can link to malicious web sites. If you need to check the links contained in Dark Web mentions, please take all possible precautions.
- Dark Web mentions may contain shocking language.