Threat Intelligence

This guide explains the Threat Intelligence product and how to use it.

This includes:

• What is Threat Intelligence?

• How to export a list of breached accounts?

What is Threat Intelligence?

The Threat Intelligence product scans the web, searching for signals and data that may represent a breach of your data security and a threat to your business. The constant vigilance afforded to you by the Threat Intelligence product shortens the time between the potential data breach and defensive response, reducing the opportunity for fraudulent activity.

In the Threat Intelligence product, you can check for data leaks for your previously allowed email domains in the Domain Allowlist menu.

Please find the documentation for the domain allowlist here.

Go to the Threat Intelligence menu from the left menu on the dashboard to review the following functions.

Breached Accounts

This table contains all breached email accounts. This table includes information such as breached account, the source of the breach, the password type of the email account, and the leak date.

The components of the Breached Accounts page are explained in the table below.

Table Actions

You can take manual actions on breached accounts table. You can click the buttons top of the data table for the appropriate steps you want to perform.

Video Tutorial

This tutorial explains the Threat Intelligence product and how to use it.

FAQ

Q: Can I delete breached account from the platform?

A: No, you can only list, copy to clipboard and download the list of the breached accounts.

Q: Can I integrate the breached accounts with my SOAR products by obtaining the details using the API?

A: You can perform almost every operation in the Threat Intelligence product using API. You can refer to our Rest API document to see the details.