BreachWatch Protects Organizations from Credential-Stuffing and Account Takeover Attacks
Keeper Security, Inc., provider of the leading cybersecurity platform for preventing password-related data breaches and cyberthreats, unveiled BreachWatch, an enterprise-level dark web monitoring and risk assessment solution for business customers. Available as a secure add-on for $20 USD per user per year, BreachWatch seamlessly integrates with a company’s existing Keeper Business or Keeper Enterprise subscription. The powerful tool continuously scans user vaults for login credentials that have been exposed on the dark web through a public data breach and notifies users to change compromised credentials.
Every day, employees access critical IT systems and proprietary information, making them gatekeepers of a company’s information security. If even one employee’s credentials are exposed on the dark web, the entire organization is at risk for a cyberattack. Breached accounts can remain exposed for months, but it’s impractical for users to manually check if their credentials have been breached given the number of attacks that happen daily. BreachWatch helps businesses eliminate this critical blind spot by monitoring for password vulnerabilities across their employee base and notifying them if any employee credentials have been exposed. The solution supports administrator audits to highlight employees with risky or non-compliant behavior, so businesses can take action to remediate quickly.
There are billions of passwords being sold on the dark web and available for cybercriminals, who increasingly use stolen credentials and software for large-scale automated attacks. Known as credential stuffing, these attacks exploit the common practice of password reuse across many accounts to gain unauthorized access. “With BreachWatch, businesses are notified of stolen credentials from public data breaches and can take immediate action to mitigate a threat. BreachWatch provides businesses with continuous visibility into their password security and helps protect their organizations against cybercriminals,” said Darren Guccione, CEO and Co-founder of Keeper
In addition to notifying users of exposed credentials upon logging in, administrators are given user summaries with insights into the number of at-risk passwords and password status by user, while maintaining Keeper’s zero-knowledge architecture. BreachWatch integrates with existing security information and event management (SIEM) tools to support deeper analysis and reveal if there are more sophisticated threats present. When combined with Keeper’s Advanced Reporting & Alerts (ARA) module, the platform provides real-time alerts and the ability to isolate specific risky behaviors so businesses can take immediate restorative action and mitigate the vulnerability to an attack.