• VeriClouds Platform Services for Compromised Credentials
 

Image compromised-account-detection

Improve the security of authentication with compromised account detection as-a-service

Image domain-monitoring

Improve forensic capabilities and risk assessment with domain monitoring

 

Passwords Are The Weakest Link In Cybersecurity

Very few organizations can distinguish the genuine user from the sophisticated attacker. Even when password policies are enforced, intellectual property, sensitive data and competitive advantage can still be at risk.

Furthermore, recent analysis suggest that when there are known incidents, the speed to respond and remediate compromised credentials made up more than half of the total cost of an incident.

To proactively detect threats before they can do damage, you need solution that allows you to quickly identify when credentials have been compromised or reused, and to act on that insight in real time.

63% of confirmed data breaches involved weak, default or stolen passwords.

2016 Data Breach Investigations Report (DBIR), Verizon

Benefits of VeriClouds Platform Services

 
  • One of the industry's largest repositories of compromised accounts
  • Custom integrations with popular IDaaS and CASB providers
  • Increased speed to detect and remediate compromised credentials
  • Built on privacy principles
 

VeriClouds Services Platform

VeriClouds has built a data repository of leaked account credentials which is used proactively identify and remediate potential threats across a broad range of end-points and infrastructure. Our platform includes agents that enable protection schemes for popular services such as Exchange/AD, Magento and Splunk, Rest API for custom integration, and extension for many popular browsers.

  1. ActiveDirectory and Kerberos extensions compare hashed passwords against VeriClouds Service
  2. Rest API (E.g. Splunk, custom app) for hosting at your cloud/premises
  3. Identifies password policy violations such as weak credentials, password reuse and prevent malicious phishing attacks
  4. Configure service, display compromised accounts, report on policy violations, send notifications
  5. VeriClouds on-premise solution

Image vericlouds-services-platform

A closer examination of major breaches reveals a common theme: In every "major headline" breach, the attack vector has been the common password. The reason is simple: The password is by far the weakest link in cybersecurity today.
– Michael Chertoff, former head of Homeland Security

VeriClouds for CASB & IDaaS Providers

With our Rest API, the value of VeriClouds Services Platform rapidly expands to reach potentially millions of users accessing IP and sensitive data at dozens of popular SaaS services and IaaS platforms.

With knowledge of recently compromised accounts, a CASB can orchestrate the full remediation from notifying the end-user, to forcing step-up authentication and automating the logging of a ticket in a company’s helpdesk system.

By automating the mitigation of known compromised accounts, VeriClouds Services is able to reduce the risk and costs that occur as a result of phishing or more wide spread data breaches.

Image CASB-or-IDaaS-V2

VeriClouds Services Platform Advantage

DIVERSE DATA SOURCE

We have built a data repository of compromised accounts that is among the largest in the industry.

We manually validate the sources we use to eliminate false positives.

PRIVACY-PROTECTING TECHNOLOGY

Our technology is built around a key principle – neither VeriClouds, nor its clients have visibility over data that does not belong to them.

PATENT PENDING

LEGAL RISK OUTSOURCING

When working with Dark Web data there are legal risks that need to be avoided. VeriClouds has spent a lot of time and money to mitigate those risks, so that you don’t need to worry about them.