Organizations face significant challenges in safeguarding their brand and digital assets from threats such as credential theft and brand impersonation. Using our comprehensive asset inventory, along with embedded intelligence and automation, Cortex XSIAM Digital Risk Protection discovers and helps you mitigate the following risks:
Brand risk domains
Brand risk domains pose a threat to organizations because they can be used by threat actors to deceive customers, partners, or employees by impersonating a legitimate brand or application. These domains can be used for phishing attacks, spreading malware, launching social engineering campaigns, or conducting other fraudulent activities. Additionally, malicious brand risk domains can also be used to steal sensitive information such as login credentials, financial data, or intellectual property.
Leaked credentials
Leaked Credentials pose a risk to organizations by providing unauthorized access to sensitive systems and data, leading to data breaches, financial losses, and reputation damage.
Cortex XSIAM focuses on externally reported credential leaks, specifically surfacing those that have occurred within the last six months.
Digital Risk Protection is disabled by default. You can enable it by enabling the Brand Risk Domains and Brand Risk Leaked Credentials attack surface rules. When enabled, these rules generate issues that include brand risk domain and leaked credential information on the issue details panel.
Navigate to → → → .
Filter the list of attack surface rules by ASM Issue Categories = Brand Protection.
Select either or both rules, right-click and select Enable.
Note
Both of these attack surface rules are based on the attributed domain assets that appear in the asset inventory. If there are no attributed domains in your inventory, Cortex XSIAM will not generate Digital Risk Protection findings and issues.