Outpost24 expands platform for data & social threat defense
The new Social Media and Data Leakage modules are offered alongside the existing Leaked Credentials and Dark Web modules. The company said these modules are designed to enhance customer insights into the entire attack surface, supporting organisations as they aim to identify threats across a broader range of digital channels.
According to Outpost24, the Social Media DRP module enables organisations to monitor their social media profiles as part of their attack surface. This module tracks social media impersonation, external breaches, and internal leaks in real-time, providing security teams with earlier visibility into threats originating from such platforms.
Meanwhile, the Data Leakage DRP module is built to detect potentially leaked documents and source code. By promptly bringing these exposures to security teams' attention, the module aims to provide companies enough time to respond and mitigate potential consequences before sensitive information is misused.
The company highlighted that these modules leverage access to private and exclusive sources, strong automation capabilities, and advanced threat intelligence to give organisations a more comprehensive view of their external threats and risks. Outpost24 said this broader overview is intended to empower security teams to be more proactive and better prioritise their response efforts.
"Organisations often forget that threat actors use the information on public social media profiles to launch targeted attacks or even to impersonate executive leadership. But they absolutely do, and it's extremely important that security teams track this. We've built our DRP modules for Social Media and Data Leakage based on rich threat intel and accelerated automation so that organisations can get the full context behind each new alert," Omri Kelter, Chief Product Officer at Outpost24, said, explaining the capabilities of the new modules.
Outpost24 stated that by employing these monitoring modules, companies may be able to respond faster to threats emerging on social media, detect and address leaked documents or code before they become problematic, protect their reputations, and reduce the risks of phishing or fraud. Early detection is positioned as a preventive measure to stop confidential information from spreading.
The company noted that threat actors have increasingly been using information from social media profiles to plot attacks against companies of all sizes. Monitoring these activities, it said, supports organisations in maintaining timely awareness of new or emerging risk vectors that might not be addressed with traditional security approaches.
The inclusion of these modules extends the capabilities of Outpost24's EASM platform, which now covers additional facets of the attack surface and potentially enables customers to gain earlier warnings and more context for security incidents involving external-facing assets.
Follow us on:
Share on:
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
RNZ News
05-08-2025
- RNZ News
Cybersecurity warning: 'Widespread exposure of compromised credentials'
Employee records linked to more than 198,000 NZ companies and entities were found on the dark web. File photo. Photo: Andrew Brookes, AB Still Ltd, Thousands of leaked credentials for employees from NZ government departments and healthcare organisations can be found on the dark web, says a digital security firm. The data is part of more than 150 million compromised records connected to New Zealand that is accessible on the dark web, according to a study by Kiwi tech start-up nWebbed Intelligence. The company's cybersecurity study analysed more than 30 billion credentials available for sale on the dark web and found links to more than 198,000 New Zealand companies and entities. It also found the usernames and passwords of more than 18,000 NZ government workers, 3200 banking staff and 2000 healthcare organisation accounts were also found in leaked databases. nWebbed Intelligence founder Julian Wendt said local organisations were underestimating the scale of cyber risk, and am urgent review of cybersecurity protocols was needed in the country's sensitive institutions and corporations. "We are seeing widespread exposure of compromised credentials linked to core parts of the New Zealand economy, including health providers, government agencies, banks and large-scale businesses. "These are trusted institutions that Kiwis interact with every day, and they are real emails and passwords sitting in the wild. They're searchable, for sale and vulnerable to exploitation." He said some breaches were going undetected for years. "It's not that someone was hacked once and that's it. In many cases, credentials from five or six separate breaches are still sitting out there, waiting to be exploited." Qantas recently revealed an attack by cybercriminals may have accessed as many as six million customer records. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.
Techday NZ
02-08-2025
- Techday NZ
Outpost24 launches tool to detect dark web credential leaks
Outpost24 has launched a free tool aimed at helping organisations identify whether their credentials have been exposed on the dark web. The new product, known as the Outpost24 Credential Checker, enables organisations to check if their email domain is associated with credentials that have been leaked covertly online. This new offering is powered by the company's CompassDRP Digital Risk Protection solution, leveraging Outpost24's threat intelligence database to report on compromised credentials linked to a specified domain and its web assets. Timely identification of credential exposure is regarded as critical for preventing data breaches. The company states that its Credential Checker provides a measure to spot leaked credentials before they cause serious harm, whatever the size of business. Our goal in offering our Outpost24 Credential Checker is to democratise threat intelligence and help everyone to be more secure. With our Outpost24 Credential Checker, we're offering a sneak peek into a small part of our threat intelligence knowledge base, but also making it accessible to everyone, especially those organisations with smaller budgets. The tool is designed to be straightforward to use. Users input an email address connected to their corporate domain, after which the Credential Checker scans Outpost24's database - comprising billions of compromised credentials. Within minutes, a report is generated showing whether there is a match in known public breach repositories. The free report provided to users details the number of stolen credentials discovered for a given domain and its related web assets. It also offers context on how the information may have been compromised, which includes naming prevalent malware or viruses identified as responsible for the data theft. Outpost24 reports that the Credential Checker's threat intelligence capabilities are sourced from its CompassDRP platform. This solution provides security teams with a view over an organisation's digital attack surface as well as external threats in one cloud-based system. The platform brings together asset discovery from Outpost24's EASM platform with Digital Risk Protection modules. This permits continuous monitoring of both known and unknown public-facing internal assets in addition to external threat intelligence gathered from sources across the open, deep, and dark web. When threats are identified, the system aims to prioritise them through contextual threat intelligence insights, which are intended to help security teams expedite remediation processes. The launch of the Credential Checker adds to the company's range of tools to support security teams as they aim to stay ahead of emerging digital risks. Outpost24 provides Attack Surface Management solutions designed to help security teams stay ahead of evolving cyber threats. The company supports thousands of organisations worldwide by enabling them to identify, protect against, and monitor digital risks before they can be exploited. Founded in 2001, Outpost24 is headquartered in Sweden and maintains a global presence with offices in the United States, United Kingdom, France, Belgium, and Spain. The company's services are aimed at enhancing visibility and control over potential vulnerabilities across digital infrastructures. Follow us on: Share on:
Techday NZ
26-06-2025
- Techday NZ
Bitdefender unveils EASM for proactive attack surface security
Bitdefender has launched a solution designed to provide managed service providers, businesses, and their customers with comprehensive oversight of internet-facing assets and related vulnerabilities. The release of GravityZone External Attack Surface Management (EASM) comes amid growing focus on attack surface reduction, a strategic priority identified by cybersecurity experts and highlighted in recent industry research. Gartner forecasts suggest that, through 2029, over 60% of security incidents will be linked to misconfigured technical security controls. A recent survey of 1,200 cybersecurity professionals also places attack surface reduction at the forefront of their operational concerns. The evolving digital landscape, fuelled by ongoing digital transformation, widespread cloud adoption, remote work trends, and increased integration with third-party infrastructure, is expanding the range of potential entry points that adversaries could exploit. Bitdefender pointed out that, without effective oversight, assets such as abandoned domains, improperly configured cloud resources, and expired digital certificates may go unnoticed, potentially leaving organisations exposed to attackers who habitually probe the internet for vulnerabilities. The EASM module is designed to work without requiring deployment on endpoints, providing a proactive mechanism for identifying and assessing external risks while aiming to minimise the scope of possible attack vectors. By continually discovering, mapping, and analysing internet-exposed assets from the same perspective as potential attackers, organisations are positioned to assess risk, identify vulnerabilities, and take remedial actions before any potential exploitation. GravityZone EASM is provided as an add-on to Bitdefender GravityZone, which is the company's platform for endpoint protection, endpoint detection and response, extended detection and response, and cloud-native security. The system scans a wide range of asset categories, such as IPv4 and IPv6 addresses, IP blocks, email addresses, and domains. Comprehensive asset discovery is achieved by identifying public IPs, alerting to expiring or expired certificates, highlighting vulnerable public services, and recognising open network ports. This asset review process is intended to ensure that all relevant systems are accounted for in centralised monitoring and management. Features Bitdefender highlighted that GravityZone EASM delivers rapid discovery and visibility by scanning and mapping all internet-facing assets—including devices, domains, subdomains, applications, certificates, connections to third parties, and instances of shadow IT—within as little as 30 minutes. Organisations are provided with a full view of their attack surface, extending even to assets that are unmanaged or no longer in regular use. The solution incorporates continuous vulnerability monitoring and alerting. It detects vulnerabilities and misconfigurations across both internal and external systems, including assets managed by external partners, customers, and entities within the supply chain. Immediate, context-rich alerts for exposed systems, expired certificates, and high-risk threats are generated. Alerting is prioritised according to severity, such as CVE scores, to optimise the response processes and remediation actions. GravityZone EASM forms part of a unified approach for security, risk management, and compliance within the GravityZone platform. By integrating these functionalities, both security analysts and administrators can leverage the solution for use cases such as threat analysis, vulnerability prioritisation, policy enforcement, and configuration of access controls. All operations are managed within a single platform. "Security teams across businesses and MSPs face increasing pressure to keep pace with expanding attack surfaces, driven by digital transformation and complex third-party ecosystems," said Andrei Florescu, President and General Manager at Bitdefender Business Solutions Group. "Effective defence-in-depth security starts by reducing the attack surface as much as possible before threats reach the detection and response layers. GravityZone EASM is a critical part of our vision for unified security, risk management, and compliance, enabling proactive discovery and control of internet-facing assets that could serve as potential entry points for attackers." Bitdefender GravityZone EASM is available as an option to select license tiers of GravityZone and for use in conjunction with the company's managed detection and response services.
