Flashpoint Ignite Platform
Team-tailored intelligence across multiple groups in one workspace
Connect, collaborate, and remediate risk faster with timely and active intelligence. Gain visibility into intelligence landscapes across cyber threats, vulnerabilities, and physical security. With Ignite, security experts can connect the dots across data and intelligence to coordinate a better informed, more effective response–with a holistic view of risk in one place.
Flashpoint Cyber Threat Intelligence
Stay ahead of potential targeted threats like cybercrime, emerging malware, ransomware, and hacktivism using Flashpoint Cyber Threat Intelligence (CTI). Access relevant intelligence based on the unique needs of your team and consume finished intelligence reports written by Flashpoint analysts to understand your risks and make informed decisions on where, when, and how to act.
Search (Text, Images)
Our advanced search capabilities allow users to find valuable conversations and context quickly and intuitively. With filters, modifiers, and channel search, users can easily navigate through the vast landscape of raw collections and intelligence to find the information they need and connect the dots between events. Not only do we search through discussion channels, but we also search across videos and images. Printed and handwritten text are automatically recognized, using Optical Character Recognition (OCR), so you can search for words inside images and extract the information.
Keep informed on the threats and risks you care about and immediately react to new changes. Our search to alerting allows you to create alerts directly from your search queries to notify you when new pertinent information comes in so you can resolve issues faster with less noise.
We offer a range of news-style reports to help organizations stay on top of emerging threats. These reports, generated daily, weekly, monthly and yearly, cover a variety of topics, from technical analysis of malware to strategic assessments of threat actors and their motivations. Intelligence teams can use these reports to inform decision-making and prioritize their efforts to protect their organization.
Our dashboards are a powerful jumping-off point to make better, data-driven decisions. See the value you’re getting from Flashpoint with a comprehensive view of your assets, e.g, organization, and domains measured against our intelligence so you can see what stands out and easily dive in to explore what’s happening.
Automation and Collaboration
Automate information sharing and remediation workflows among a larger group of security teams and provide intelligence for incident analysis and response. Collaborate with our expert analysts to help you field questions and conduct research inside closed illicit communities with our Request for Information (RFI) service. Request, read, share files and track RFI hours directly inside the platform.
Arm security teams across the organization with the contextual intelligence needed to effectively identify, prioritize, and remediate vulnerabilities. Gain insights into publicly available CVEs, as well as the ~97K vulnerabilities not covered by CVE/NVD. Get a comprehensive view into how threat actors are exploiting those vulnerabilities via threat actor communications, message boards, etc.. Leverage enriched data (EPSS, ransomware likelihood score, social risk score, temporal analysis, and others) to help security teams effectively prioritize vulnerabilities and remediate the ones that matter most to their organization.
Flashpoint Compromised Credentials Monitoring (CCM)
Allows users to monitor exposure of compromised credentials for their employee and customer email addresses to take action after breaches to mitigate risk of account takeover (ATO).
Threat Actor Profiles
Build accurate and interactive threat actor profiles that help you gain instant insight into a threat actors pattern of life, including known aliases, the communities they visit, and a histogram of their posting activity over a lifetime. These profiles are refreshed with the latest data so you have the most accurate and current details to identify, attribute, and characterize a threat. (View Threat Actor Profile feature-level messaging and FAQ)
Use natural language search to ask questions and receive answers from Flashpoint Intelligence Reports. Ignite AI simplifies your search process by providing answers to your specific questions using multiple intelligence reports, and offers related links for further investigation. Easily understand intelligence and gather insights efficiently with Ignite AI. (View Ignite AI feature-level messaging and FAQ)
Flashpoint Physical Security Intelligence
Equip your physical security team with real-time access to the most extensive breadth of open-source information available. Analyze, monitor, and be alerted about relevant situations worldwide, so you can make better decisions, faster.
Real-Time Geospatial Insights
Users can create a bounding box over any location in the world by typing in an address or using map-drawing tools, and immediately see the social media posts originating from that precise location.
Geospatial Enrichments via Natural Language Processing
Flashpoint’s NLP enrichment deciphers locations mentioned within social media posts and includes post metadata so data can be plotted to that location on the map.
Language barriers are a major pain point for intelligence analysts. When monitoring global situations, posts are often written in a language not native to the analyst. Flashpoint Physical Security Intelligence enables users to translate their search queries in over 100 languages, and add the translated query to their search in just a few clicks.
This capability allows a user to easily develop an understanding of a threat actor by extracting key information from available data and generating a high-level profile of the post author with the click of a button. This feature greatly reduces the amount of manual labor needed to investigate people of interest.
The Monitor dashboard includes advanced analytics and visualizations, an inbox for reviewing and sharing results, a map view for geospatially enriched data, and alerts for time-sensitive events.
Users can be notified of relevant new posts by creating and receiving alerts via email based on search criteria.
Users can request information and get tailored reports from our intelligence team with the click of a button.
Intelligence reports provide vetted intelligence alongside raw social media data to force multiply efforts and accelerate intelligence cycles.
Flashpoint Vulnerability Management (VulnDB)
VulnDB® is the most comprehensive vulnerability database and timely source of intelligence available. It allows organizations to search for and be alerted to the latest vulnerabilities, both in end-user software and third-party libraries and dependencies.
Become Aware Of Issues Missed By Cve/Nvd
VulnDB fully maps to CVE, covering IT, OT, IoT, CoTs, and open source libraries and dependencies. It also catalogs more than 90,000 vulnerabilities missed by the public source. Every entry is standardized, containing detailed vulnerability source information, extensive references, links to Proof of Concept code, solution information, and other metadata (if known).
Vulnerability Alerting Without Scanning
Enable real-time alerting and threat modeling while identifying vulnerabilities without having to scan your network. VulnDB is immediately actionable and is available as a RESTful API, or integrates into existing tools and workflows.
Vendor And Product Risk Ratings
Determine which products and vendors are putting the organization at risk, including how quickly they respond to researchers and provide patches. Risk Based Security’s Proprietary Vulnerability Timeline and Exposure Metrics (VTEM) combined with accurate CVSS scores, extensive historical data, and the ability to compare vendors and products, provides users with a full picture, empowering Cost of Ownership analysis.
Get comprehensive insight on vulnerabilities in third-party libraries used in products and software development. Monitor and track each library to ensure that newly disclosed vulnerabilities are addressed to evaluate and select the best third-party libraries.
Ransomware And Exploit Prediction Models
Prioritize vulnerabilities based on the likelihood they will be used in future ransomware events and actively exploited in the wild.