Research | Our Q3 report details what's new in the world of ransomware.
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Find cyber threats that have evaded your defenses.
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Brands of the world trust ReliaQuest to achieve their security goals.
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
The latest threat research report from ReliaQuest Threat Research research team.
The latest white papers focused on security operations strategy, technology & insight.
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
November 30, 2023
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
Despite the hype associated with the dark web, maintaining visibility into it is an important component of a comprehensive digital risk management program. In support of our announcement today about the expansion of our SearchLight’s dark web collection capabilities, we wanted to highlight some of the digital risks that can be associated with the dark web in this blog. It is important note that these risks can also occur on the open and deep web, just as with our previous research on sites like deer.io.
The insecurity of payments systems makes the news frequently. Take the recent Chipotle breach, which resulted from malware on their Point of Sale devices. It’s important for retailers (and any organizations with ATMs or PoS devices) to ensure these devices and their transactions are secure. Having visibility into criminal forum conversations that discuss committing fraud against these devices, third parties or your company is critically important. It is also important to have visibility into the items for sale in criminal marketplaces that could be used to conduct fraud. This can be in many forms; it might be in a guide for ATM skimmers (Figure 1), or product listings for specific hardware. Having visibility to these dark web conversation can make the difference in stopping or mitigating a breach.
Figure 1: Dark Web Marketplace offering guides on how to make ATM skimmers
For banks seeking to protect their customers, gaining visibility and monitoring the dark web can be a highly valuable tool to stop fraud. Adversaries share credit card numbers on IRC channels (Figure 2) and sell accounts on dark web forums (Figure 3). Detecting these activities gives banks better visibility into their customers’ online exposure and enables them to get on the offense to minimize the impact.
Figure 2: IRC channel sharing and testing customer credit card information
Figure 3: Accounts for sale on the dark web
It isn’t always a company’s assets that are at risk; organizations can also gain awareness of tools used against them. Figure 4 is an example of a tactic used to bypass SMS account verification. Understanding the latest tactics used by adversaries is vital for organization’s security decision-making to reduce their risk profile.
Figure 4: New tool for bypassing SMS authentication offered, mentioning specific sites
Tax milestones throughout the year are popular times for fraud, and tax information is high in demand by cybercriminals. Approaching the deadline for 2017’s tax return, we detected a user claiming to sell access to the PCs of an individuals working for accounting companies. The accompanying screenshots indicated that the user had access to information on hundreds of companies in the United States.
Figure 5: User selling access to an accounting company’s customer information, consisting sensitive tax information
It isn’t enough to simply detect mentions of company assets and concerns across the dark web. Organizations need context behind these posts to have a better understanding. As a result, today we announced an expansion of our SearchLight’s dark web collection capabilities where we help our customers manage their dark web threats in five ways:
The importance of our team of data analysts extends beyond adding vital and relevant context. Not all dark or deep web sites can be easily accessed with technology on its own; expert human data analysts must also gain access to closed sources to provide the most relevant view of digital risks. Digital Shadows (now ReliaQuest) recognizes it is critical to complement automation with a team of data scientists and intelligence experts who gain access to closed sources, and qualify the data collected to enhance analytic capabilities. This gives our customers the full breadth and context needed to address the digital risks that are most relevant and impactful to their business.
Figure 6: SearchLight’s incident view, complete with vital context
Armed with this vital context, organizations are better informed about the risks they face online across the open, deep and dark web; understanding not only when they are mentioned online, but also why, by whom and the likely impact to your organization.
To learn more about Digital Shadows SearchLight (now ReliaQuest GreyMatter DRP)™ dark web monitoring capability, watch this demo video or read our datasheet for more details.