Based on studies and years of professional experience, we know that cyber criminals are constantly monitoring and successfully attacking companies. We know that this is due to the fact that those companies lack visibility and control on how they are perceived from the outside. By not having this dynamic view at hand, security & risk stakeholders are struggling to answer simple questions like:
- “What information are my applications and my employees leaking?”
- “How does my external "footprint" on the internet compare with others?”
- “Am I an easy target compared to others?”
- “What personal data is my company leaking?”
- “How is this data misused?”
Not knowing an answer to those questions leaves an organization in the dark and at high risk. Without awareness, your company can be attacked by cyber criminals, potentially undermining your critical business information infrastructure, resulting in financial losses and damage to your reputation. The cyber security solution called “Sweepatic” is able to address those important questions for you. At the same time, it helps your company to comply with the General Data Protection Regulation (GDPR), the EU legislation that stipulates companies are, among other things, liable for protecting used data, and assessing their security risks.
To apprehend the Sweepatic solution, it's important to understand the “Cyber Kill Chain” concept. It’s a phased model used in the military world that describes the different phases of a targeted cyber attack. The reconnaissance phase is the first and initial phase, prior to the attack. This phase is used by cyber attackers to research, to perform identifications and to select their targets. They obtain this view by using different advanced reconnaissance techniques.
The Sweepatic solution mimics the way the different threat actors are conducting these reconnaissance activities. We operate just like the criminals do in their preparation phase. By doing so, Sweepatic develops a view of the potential possibilities to breach your company.
Due to the way companies interact with each other via web services, how employees and consumers communicate with and about the organization, one can see a great amount of digital artifacts about the company, that are publicly available. As these are picked up by cyber adversaries, in order to prepare their attack (e.g. spear phishing threat), Sweepatic customers can really benefit from the Sweepatic solution to become informed. It allows your company to take action in a proactive way.
The Sweepatic solution contains different layers: Sweep, Analyze, Evaluate, Report, Clean and Collaborate. The solution runs around the clock (24x7) by using real-time data exploration and highly technological reconnaissance techniques.
Our personal data crawler “sweeps” the publicly available information of internet domains and is collecting all kinds of different files and pictures on the internet to extract personal data. It's by extracting and analyzing those artifacts that Sweepatic is able to create insights about your information leakage. Sweepatic is also able to clean these data leaks, preventing your company of further unwanted information exposure. As the results are centralized, Sweepatic always keeps a pair of eyes on your digital footprint and alerts you when appropriate.
We also conduct targeted hunting engagements using amongst others Open Source intelligence (OSINT), can generate benchmarks and research studies for your company to compare your digital footprint with business competitors, a particular industry, country or other combinations.