Dark Web Dashboard

The Dark Web Dashboard gives your security team visibility into threats that originate beyond the surface web. It’s a real-time snapshot of how your organization is being targeted, referenced, or exposed on dark web sources, helping you stay ahead of emerging risks.

For example, you might notice a spike in exposed credentials linked to your domain. The dashboard directs you straight to the relevant findings where you can review the associated breach data, including the source. From there, your team can decide what action to take, such as forcing password resets. The sooner you act, the more you limit potential impact.

Using the Widgets

Each widget in the Dark Web Dashboard displays a snapshot of current metrics for specific entities, such as email domains for employees and customers , email addresses, employee names, or credit card BINs. Use the widgets to review findings by type and dig deeper into any area that shows unusual activity.

To expand a widget and see more detail:

• Select the double arrow toggle in the upper right corner.

To trace where data came from:

• Select the info icon next to the data source name.

To view all associated findings for that entity:

• Select See Active Findings to go to a prefiltered list.
• For more, see Managing Dark Web Findings.

To filter by a different entity value:

• Select a new value from the dropdown at the top of the widget.

Dashboard Workflows

The dashboard helps your team respond quickly when high-risk data appears on the dark web. Here are a few sample workflows that show how you can use it to identify and prioritize threats.

Internal Account Compromise

Use the Employee Email Domain widget to spot exposed employee email addresses or login credentials.

1. Set the Domain dropdown to the domain name your company’s employees use most (e.g., @yourdomain.com).
2. Look for a spike in the Password Details metric, especially the Plain text password
3. Select See Active Findings to view exposed accounts.
4. Check breach details to confirm exposure source and date.
5. Share findings with teams to reset passwords and investigate activity on the accounts.

Customer Account Exposure

Use the Customer Email Domain widget to monitor compromised third-party addresses linked to your brand.

1. Set the Domain dropdown to the domain name your customers use most (e.g., @gmail.com).
2. Look for a spike in the Total Email Addresses
3. Select See Active Findings to view associated records.
4. Determine whether exposed accounts map to your customer base.
5. Notify affected users or flag for enhanced login monitoring.

Stolen Credit Card BINs

Use the Credit Card widget to track exposed BIN (Bank Identification Numbers).

1. Use the BIN dropdown to choose a BINs associated with your issuing bank or payment processor.
2. Select See Active Findings to view cards recently listed for sale.
3. Filter by Discovery Date range to catch fresh listings quickly.
4. Export findings and send them to your fraud operations team for follow-up.
5. Trigger the reissue or freeze procedures you have in place.

Executive Doxing

Use the Employee widget to check for doxing or targeted information leaks about your C-suite executives.

1. In the Employee dropdown, select one of the search terms already added.
2. Look for a spike in Times Detected.
3. Select See Active Findings to view the related leaks.
4. Click through a content hyperlink to examine post content or linked sources.
5. Determine if the finding is malicious, suspicious, or a false positive and follow appropriate procedures.

Top 5 Search Terms

Use the Other Terms widget to find the most widespread current threats.

1. Monitor the list of the five leaks with the most detections for changes.
2. Select See Active Findings to view the latest leaks that require review or action.
3. Filter by Discovery Date range to prioritize fresh findings.