FINDING A TRUSTED, LONG-TERM PARTNER FOR DARK WEB INTELLIGENCE
NCC Group, a tech-enabled cybersecurity company, has been a Searchlight Cyber partner for more than four years, utilizing its dark web intelligence and monitoring in its security services for its global customer base of more than 15,000 organizations.
NCC Group began working with Searchlight as part of its ongoing efforts to enhance visibility into dark web threats. The move was driven by increasing concern from customers, alongside a growing need for an enhanced and efficient way to identify valuable data on hidden forums, marketplaces, and sites. This encouraged the cybersecurity company to take the bold initiative to expand its existing coverage of the dark web. It identified Searchlight – which at the time had a strong reputation with law enforcement and government agencies – as one of the best sources of dark web intelligence.
“Dark web investigations weren’t as common back in 2021 but we recognized that attacks were originating on the dark web and that we could get ahead of them if we could gather intelligence from the source. We quickly identified that no one did it better than Searchlight – their coverage and expertise in this space was unparalleled – and became early adopters of their dark web investigation tools for enterprise organizations,” said Matt Hull, Global Head of Threat Intelligence at NCC Group.
Enhancing Threat Intelligence With Dark Web Investigations
Since 2021, NCC Group’s threat intelligence team has been using Searchlight Cyber’s dark web investigation tools to support customer investigations and enhance its understanding of the cybercriminal landscape. These tools complement NCC Group’s work, strengthening the analytical capabilities provided to its clients. The data provided by Searchlight is now one of its key cyber threat intelligence sources, providing context on cybercriminal actors, emerging tactics, exploited vulnerabilities, and more. It is also regularly deployed to support services such as incident response and customer research projects on specific threats.
“The dark web is effectively the home of cybercrime,” said Hull, “which is what makes the ability to gather intelligence from dark web sites, marketplaces, and forums so powerful from a security research perspective. The intelligence we can access with Searchlight’s tools informs our understanding of threats ranging from ransomware, to hacktivism, to malware strains like infostealers. One of the biggest strengths of Searchlight is the depth of the historic dataset, which helps us go back and track when threats emerged and look at how attacks were conducted against organizations.”
Expanding Dark Web Intelligence Into An Online Exposure Management (OXM) Service
NCC Group’s use of Searchlight’s intelligence helped it identify the opportunity to build a bespoke service with dark web monitoring at the center, for customers that want the quickest possible alert to potential attacks and emerging threats. Powered by Searchlight Cyber’s dark web monitoring platform, NCC Group’s Online Exposure Management service (OXM) combines its threat intelligence expertise and consultant-led approach with continuous monitoring of an organization’s digital risk.
OXM alerts customers to potential attacks from the clear, deep, and dark web by monitoring for incidents related to an organization’s assets – such as breached credentials, exposed data on code repositories, phishing domains, and threat actor discussions. NCC Group’s analysts review the alerts and assist organizations with asset discovery, triage, threat hunting, mitigation advice, and actionable recommendations so they can adjust their security posture appropriately and minimize total threat impact and cost.
“Searchlight Cyber has helped us to create one of the best services on the market for continuous monitoring of an organization’s deep and dark web exposure,” continued Matt. “Searchlight’s approach of scanning for an organization’s assets allows us to spot threats on the dark web that indicate a real threat, cutting down on alert fatigue and providing assurance to our customers that we are being proactive in their security. It aligns with our objectives to detect risks earlier and reduce the impact, risk, and cost for our customers.”