RiskIQ External Threats
Detect and Respond to Targeted Digital Threats Across Web, Social, and Mobile Channels
What are External Threats?
External threats are malicious campaigns and threat actors that attempt to exploit security exposures in your attack surface that exist outside the firewall. All organizations with a digital presence are exposed to external threats by attackers who attempt to impersonate your brand and official communications channels on the internet, social media, and through mobile apps.
Targeted external threats that can compromise your employee or customer data security include:
Deep and dark web discussions about your organization
Rogue and feral mobile apps
Social media impersonation of VIPs and support channels
Domain and subdomain infringement
Brand tarnishment and abuse
Phone & SMShing
Card cracking and remote deposit capture (RDC) fraud
Email spoofing and business email compromise (BEC)
Successful exploitation of these threats allows threat actors to steal customer or company data, distribute malware, divert user traffic, or otherwise exploit trust in your brand.
The RiskIQ External Threats solution sets enable security teams to detect and respond to these myriad threats as they appear in the wild, mitigating the impact that they have on your organization, employees, and customers. By combining the largest internet data sets available with the most comprehensive monitoring of digital channels, RiskIQ enables effective digital threat management.
Dive Deeper into the External Threats Solution Set
External Threats is based on a workflow engine that enables organizations to manage threats against them in a central location, with workflows, APIs, and tracking and auditing capabilities. The workflow engine is required for External Threats, but does not require the purchase of additional detection modules if workflow and event management is all that is needed as the basis of an organization’s digital threat management workflow.
For External Threats, each module can be setup to monitor threats against Brands. A brand is any discrete business entity, a line of business, department, agency, or division. External Threats Premium includes two brands per module. External Threats Enterprise includes five brands per module. Additional brands can be purchased as add-ons. In the case of the Social Executive Threats module, one brand is equivalent to 10 executive names.
External Threats Workflow Engine
External Threats Workflow EngineRiskIQ provides both a web interface and API access to clients and their support teams to submit and investigate events. The web interface is designed to provide users with all the necessary details for each type of threat in a single view to facilitate fast review and investigation.
For each threat event, users can take the following workflow actions:
Confirm: Validate event without sending an enforcement notice
Enforce: Generate and send a notice to initiate takedown, content removal, or another type of threat mitigation
Monitor: Automatically alert on any changes in content or behaviour of a suspicious event that raises its threat-level and could trigger future enforcement
Review: Set aside for discussion/review to decide on a proper response
Dismiss: Label event as a false positive
Assign a specific user to manage this event
Tag an event with a custom label for searching or reporting
Send the details of this event to a specified email address
Continuous monitoring of online resources lets customers know when threats have been successfully remediated, and RiskIQ’s post-resolution monitoring automatically re-opens events and alerts users to any tenacious threats posing a recurring risk to the organization.