"97% of companies have data leaks and other security incidents exposed on the Dark Web" - Bold claims. Do you have any proof of this? Such as redacted screenshots or examples of these leaks?
The article shows lots of stats, but no real evidence.
There are some people that say, now I am not saying it, but there are people that say, “Your data is on the Dark Web”.
It looks like FUD, it sounds like FUD, then in my books, it is FUD. Fortunately it is easy to get out of infosec meetings that blather on with these generic statements while working from home. No awkward walking out of the room.
It looks like it’s based on looking for the companies’ domains in password and data dumps, in which case 97% is utterly unsurprising and I bet the 3% are just too new to have had any users in a major breach.
that's cause the article is written for seo and advertising purposes and not for educational purposes. do you know how many seo articles i have personally seen written with false information? i'm surprised they didn't throw in the obligatory quote from company ciso.
Any company that is trying to sell automated dark web scraping is selling snake oil. Many of the 'legit' places to purchase stolen data have vetting procedures before a person is allowed to participate in (or even view) the marketplace.
There are a few companies that have analysts that are in these marketplaces, and they provide actionable intelligence, but they are not cheap.
While the evidence is light. Is anyone surprised if this is true? My experience is that most cybersecurity firms are only slightly better than other enterprises. They often have lofty standards that they themselves don't follow.
They also have professional service arms that are similar to the rest of the industry. Handful of senior people and an army of junior engineers that bias towards velocity over quality (i.e. take shortcuts that can lead to data exposure and other issues)
I know an attorney who was quite capable legally and with tech and spent his career in both. He ended up at a legal organization that also dealt with security.
The cybersecurity industry is absolutely full of crappy security companies worth jack squat. The legal industry is full of Luddites.
Being capable in both areas = some serious demand / profit.
> My experience is that most cybersecurity firms are only slightly better than other enterprises.
They're often worse. I can't recall the study, but one of them looked across industries at software quality, and security products were statistically worse than others. Of course such studies are hard to really feel confidence in, but it isn't surprising.
It comes up with 130 high risk events for ycombinator.com [0](accounts with plain text passwords) and 294 medium risk events (accounts with encrypted passwords)
This feels like the sum of all the domain accounts from leaked breaches - similar to have I been pwned
Despite what the report says - you can't actually verify the data without signing up to their service and doing the whole sales funnel thing
What can I say . In general, it is not entirely clear which part of the dark web is meant https://utopia.fans/networks/dark-web-vs-deep-web-what-is-ea... and what could be safe there? No matter how you look, it is nevertheless an undetected part of the Internet, and for the most part there are all sorts of illegal things.
There are so many "numbers" reports in the cybersecurity industry without any kind of way for validating the claims that I think all of them have equal value - close to zero.
The only source of truth in this industry is speaking with the "frontline" and figuring out how things really are.
I have asked this in several forums but didn't get any satisfactory answer.
How does one get started in dark web monitoring for intelligence, like finding these leaked databases or confirming/denying the reports of data leak in "the dark web".
Are you asking from a career or technical perspective?
This report isn't particularly technically complex, a majority of this sort of leaked data is widely available on clearweb forums. The minority requires building relationships and/or paying and/or developing a reputation that gets you access to more exclusive forums or circles. You then have to regularly crawl those forums, and avoid identification of your crawlers (as the more exclusive forums/site watch out for that sort of activity pattern). Then you just index the data and can perform searches or analysis.
From a career perspective, this is a subset of threat intelligence. The more interesting companies in this space often are leveraging military-style HumInt to gain access to these marketplaces and data, and often have leadership from that sort of military or government background. Most folks I'd assume are just standard engineers however, as a majority of the work is probably not specific to "dark web monitoring for intelligence."
[+] [-] HelloThur|5 years ago|reply
The article shows lots of stats, but no real evidence.
[+] [-] dade_|5 years ago|reply
It looks like FUD, it sounds like FUD, then in my books, it is FUD. Fortunately it is easy to get out of infosec meetings that blather on with these generic statements while working from home. No awkward walking out of the room.
[+] [-] resfirestar|5 years ago|reply
[+] [-] thrownaway954|5 years ago|reply
[+] [-] deepstack|5 years ago|reply
[+] [-] bikingbismuth|5 years ago|reply
There are a few companies that have analysts that are in these marketplaces, and they provide actionable intelligence, but they are not cheap.
[+] [-] bob33212|5 years ago|reply
[+] [-] ec664|5 years ago|reply
They also have professional service arms that are similar to the rest of the industry. Handful of senior people and an army of junior engineers that bias towards velocity over quality (i.e. take shortcuts that can lead to data exposure and other issues)
[+] [-] duxup|5 years ago|reply
The cybersecurity industry is absolutely full of crappy security companies worth jack squat. The legal industry is full of Luddites.
Being capable in both areas = some serious demand / profit.
[+] [-] staticassertion|5 years ago|reply
They're often worse. I can't recall the study, but one of them looked across industries at software quality, and security products were statistically worse than others. Of course such studies are hard to really feel confidence in, but it isn't surprising.
[+] [-] wp381640|5 years ago|reply
This feels like the sum of all the domain accounts from leaked breaches - similar to have I been pwned
Despite what the report says - you can't actually verify the data without signing up to their service and doing the whole sales funnel thing
[0] https://www.immuniweb.com/radar/?id=kKhvrIhe
[+] [-] egberts1|5 years ago|reply
Yet, I, as a “CyberSecurity firm”, have “appeared” to failed.
[+] [-] Molly555|5 years ago|reply
[+] [-] waihtis|5 years ago|reply
The only source of truth in this industry is speaking with the "frontline" and figuring out how things really are.
[+] [-] malware7|5 years ago|reply
How does one get started in dark web monitoring for intelligence, like finding these leaked databases or confirming/denying the reports of data leak in "the dark web".
[+] [-] ramimac|5 years ago|reply
This report isn't particularly technically complex, a majority of this sort of leaked data is widely available on clearweb forums. The minority requires building relationships and/or paying and/or developing a reputation that gets you access to more exclusive forums or circles. You then have to regularly crawl those forums, and avoid identification of your crawlers (as the more exclusive forums/site watch out for that sort of activity pattern). Then you just index the data and can perform searches or analysis.
https://scylla.sh/ is a free example covering just breach data.
From a career perspective, this is a subset of threat intelligence. The more interesting companies in this space often are leveraging military-style HumInt to gain access to these marketplaces and data, and often have leadership from that sort of military or government background. Most folks I'd assume are just standard engineers however, as a majority of the work is probably not specific to "dark web monitoring for intelligence."
[+] [-] unknown|5 years ago|reply
[deleted]