Enzoic Navigation
  • PRODUCTS & SOLUTIONS
    • PRODUCTS
      • Enzoic for Active Directory
      • Active Directory Lite
      • Breach Monitoring
    • SOLUTIONS
      • ATO Protection
      • NIST Password Compliance
    • INDUSTRIES
      • Hospitals & Healthcare
      • Government
      • Education
      • Financial Service
  • RESOURCES
    • CONTENT
      • Resource Hub
      • Blog
      • FAQ
      • Case Studies
      • Videos
    • DEVELOPERS
      • Support
      • Active Directory Tech Docs
  • COMPANY
    • OVERVIEW
      • About Us
      • Security
      • Threat Intel
      • Newsroom
      • Partners
      • Careers
      • Contact Us
  • PRICING
  • LOGIN
  • SIGN UP
  • PRODUCTS & SOLUTIONS
    • PRODUCTS
      • Enzoic for Active Directory
      • Active Directory Lite
      • Breach Monitoring
    • SOLUTIONS
      • ATO Protection
      • NIST Password Compliance
    • INDUSTRIES
      • Hospitals & Healthcare
      • Government
      • Education
      • Financial Service
  • RESOURCES
    • CONTENT
      • Resource Hub
      • Blog
      • FAQ
      • Case Studies
      • Videos
    • DEVELOPERS
      • Support
      • Active Directory Tech Docs
  • COMPANY
    • OVERVIEW
      • About Us
      • Security
      • Threat Intel
      • Newsroom
      • Partners
      • Careers
      • Contact Us
  • PRICING
  • LOGIN
  • SIGN UP
Threat Intelligence Research

The Benefits of Specialization in Threat Intelligence Research

Keeping Perspective

Broadly speaking, a threat is a potential negative action or event that impacts a network or system. In cybersecurity, the term refers to intentional events, like hacking. A threat actor is an individual or group that performs a negative action. 

In the cybersecurity industry, threat intelligence research can provide some benefits to companies. It can drive organizations to create defensive policies and create systems that are predictive, not just reactive. 

Working towards early threat detection and identifying effective procedures to rectify problems are two goals within threat intelligence. 

Many aspects of threat intelligence relate to how researchers can go about gathering various types of information about possible threats–ideally before they happen. Research efforts typically focus on broad PII (personally identifiable information) categories from deep and dark web data. The information includes a diversity of data, from server traffic to exposed passwords. By analyzing this data, threat researchers work to discover who is attacking, what their M.O. is, and how you would even realize you’d been compromised. 

However, there is often a massive surplus of data, and it takes threat researchers to figure out what is useful, and how. In effect, broad PII research tactics miss what focused queries in breach exposure data and compromised credentials can provide. 

Identifying the Problem 

The 2020 Verizon DBIR report showed that 80% of breaches were related to compromised credentials, indicating a great need for attention on password research. Therefore, developing focused threat intelligence information on compromised credentials is a more efficient way to enhance security for an enterprise.

Most threat research will focus on the large, high-profile breaches, but miss many of the smaller exposures. Attackers, however, exploit credentials from smaller breaches all the time. They know they are picked up less often and are thus less likely to be detected by a cybersecurity service.  

Smaller-scale companies are often targeted by threat actors because they may be using outdated software, due to a lack of resources for robust security practices. Software with weak or nonexistent password hashing makes yielding the plaintext passwords easier. Additionally, with the ever-concerning issue of password reuse, if an employee has used the same or a similar password elsewhere, other accounts and networks can be compromised, not just the targeted one. Therefore, even the smallest breaches are still dangerous. 

From General to Specific

Generally speaking, threat researchers try to consider all types of threats and think about both why and how bad actors might want to launch attacks. The element of human psychology is important, as researches elucidate what people want and how they could get it. With this in mind, there is a lot of threat intelligence data that is not particularly actionable. For instance, just because a user’s username was compromised may not mean there is an active problem.  

However, Enzoic’s research is related to actual passwords and credentials. When these are exposed, there is an immediate problem that needs to be resolved, and threat intelligence providers want immediate action. 

Focused manual efforts towards compromised credentials can close vulnerabilities, but sometimes the scale is too massive, and sometimes it’s too late. Fortunately, there are other actionable solutions and sophisticated automated efforts that can be applied to accelerate all parts of the process. Password data from threat intelligence can be fully automated, saving companies time and money and improving security. Additionally, an automated system has the benefit of decreasing the delays between periodic audit-based processes and removing vulnerabilities open to threat actors. 

Finding Solutions

As with most cybersecurity quandaries, the best solution involves both automation and a human touch. We need real people researching, detecting, and responding to threats before and as they happen, as well as automated systems that can quickly monitor credential use and alert us to breaches and issues. The combination of real-time checking and continuous monitoring is the most efficient at keeping compromised passwords out, and rapidly removing good passwords that become bad. 

Threat research data needs to be cleaned and analyzed–both by hackers and researchers–to be used effectively, which necessitates big-data analytics tools. At Enzoic, we invest in technology and human efforts deeper than most.

Our research is powered by a combination of human and automated intelligence to scour the public Internet, Dark Web and work with private sources to obtain data before it gets more widely distributed. 

We include data from breaches of all sizes–from the headline-making disasters to the more numerous small breaches that present outsized risks to both organizations and individuals–to provide more comprehensive and fully actionable solutions for companies. Our credential and password database is updated multiple times each day so that threats are identified as soon as possible. 

Compromised Password Screeninginsider threatpassword reuse

Search

Assess your cyber vulnerabilities with a free password audit tool
Start Now

Browse blog categories

  • Account Takeover (28)
  • Active Directory (44)
  • all posts (153)
  • Continuous Password Protection (24)
  • COVID-19 (7)
  • Cracking Dictionaries (6)
  • Credential Screening (21)
  • Cybersecurity (66)
  • Data Breaches (31)
  • EdTech (3)
  • Enzoic News (18)
  • Financial Services Cybersecurity (5)
  • GovTech (4)
  • Healthcare Cybersecurity (15)
  • Law Firm Cybersecurity (2)
  • NIST 800-63 (28)
  • Password Security (30)
  • Password Tips (51)
  • Regulation and Compliance (11)

Stay up to date

Research, news, and more right to your inbox

More

  • Learning about strong, but unsafe passwords
  • What is a credential stuffing attack?
  • What is account takeover (ATO) fraud?
  • Eliminating password reuse to prevent ATO fraud
  • Developer Documentation (APIs)

Recent blog posts

  • Should Your Business Prevent Leetspeak in Passwords?
  • CISA: The Risk of MFA Without Improving Password Security
  • It’s W0rld P@ssw0rd D@y!
  • [ Sign Up for a Free Account ]
  • Contact Us
  • 1-720-773-4515

Enzoic ©2022 | Privacy Policy | Acceptable Use

3800 Arapahoe Avenue, Ste 250 l Boulder, CO 80303

Enzoic’s password auditor provides a great baseline for assessing password vulnerability. Get next level of compromised credentials protection and try the full Enzoic for Active Directory at no cost.

Cookies

This website uses cookies to improve your experience. Continue to use the site as normal if you agree to the use of cookies. To find out more about our use of cookies or to opt-out, please see our Privacy Policy.

More Information
This site is for EDUCATIONAL PURPOSES ONLY.
Your password will be sent securely to the Enzoic servers to check if it is compromised. We do not store your password or use it for any other purpose. If you are not comfortable with this, do not enter your real password.
What is this?

Password Check is a free tool that lets you determine not just the strength of a password (how complex it is), but also whether it is known to be compromised. Billions of user passwords have been exposed by hackers on the web and dark web over the years and as a result they are no longer safe to use. So even if your password is very long and complex, and thus very strong, it may still be a bad choice if it appears on this list of compromised passwords. This is what the Password Check tool was designed to tell you and why it is superior to traditional password strength estimators you may find elsewhere on the web.

Why is it needed?

If you are using one of these compromised passwords, it puts you at additional risk, especially if you are using the same password on every site you visit. Cybercriminals rely on the fact that most people reuse the same login credentials on multiple sites.

Why is this secure?

This page, and indeed our entire business, exists to help make passwords more secure, not less. While no Internet-connected system can be guaranteed to be impregnable, we keep the risks to an absolute minimum and firmly believe that the risk of unknowingly using compromised passwords is far greater. Since our database of compromised passwords is far larger than what could be downloaded to the browser, the compromised password check we perform must occur server-side. Thus, it is necessary for us to submit a hashed version of your password to our server. To protect this data from eavesdropping, it is submitted over an SSL connection. The data we pass to our server consists of three unsalted hashes of your password, using the MD5, SHA1, and SHA256 algorithms. While unsalted hashes, especially ones using MD5 and SHA1, are NOT a secure way to store passwords, in this case that isn’t their purpose – SSL is securing the transmitted content, not the hashes. Many of the passwords we find on the web are not plaintext; they are unsalted hashes of the passwords. Since we’re not in the business of cracking password hashes, we need these hashes submitted for more comprehensive lookups. We do not store any of the submitted data. It is not persisted in log files and is kept in memory only long enough to perform the lookup, after which the memory is zeroed out. Our server-side infrastructure is hardened against infiltration using industry standard tools and techniques and is routinely tested and reviewed for soundness.

More…
  • Visit our FAQ to learn more
  • Contact us for press or sales inquiries
  • Add a free password strength meter to your website