Updated Articles

  1. Phish Events Updated

    Phish events are available to External Threats customers subscribed to the Brand Phishing module. They alert customers to phishing pages targeting their brands and customers.  RiskIQ ingests millions suspected phishing URLs every day from a ...
  2. Defacement Events Updated

    Defacement events are available to customers who have purchased RiskIQ Enterprise Digital Footprint ( view product description ). They alert customers to any sites within their inventory that have been defaced by hackers. When a defaced site i...
  3. Event User Actions Updated

    This article provides definitions and instructions for managing events within the RiskIQ interface or API, including  Assigning event status, owner, and priority Adding notes or tags Emailing event details for feedback from teammates (UI on...
  4. Domain Infringement Events

    Domain Infringement events are available to External Threats customers subscribed to the Domain Threats module. They alert customers to third party-owned domain and subdomains names that are confusingly similar to branded terms or trademarks. This...
  5. Social Events

    Social events are available to External Threats customers subscribed to the Social Brand Threats or Social Executive Threats modules . They alert customers to unauthorized social profiles claiming to represent their brand and/or an executive or em...
  6. Flashpoint Deep and Dark Web Integration

    Overview This integration is available to customers subscribed to the Deep and Dark Web module of RiskIQ External Threats , which is powered by our Deep and Dark Web partner, Flashpoint ( https://www.flashpoint-intel.com ), or who are currently mu...
  7. Event Lifecycle Performance Metrics

    This article provides definitions and information on the metrics recorded for External Threat events and related enforcement actions. This data can be viewed by downloading event data from your workspace using the button at the top right of the even...
  8. API Documentation

    The latest RiskIQ API documentation may be found at https://sf.riskiq.net/crawlview//api/docs/ The latest PassiveTotal API documentation may be found at https://api.passivetotal.org/api/docs/ The latest Security Intelligence Services API docum...
  9. Malware (Hashes)

    Malware (Hashes) PassiveTotal partners with a number of commercial and open source repositories of malware data in order to pair it with queried infrastructure to populate the Hash data set. This data helps analysts understand actor capabilities...
  10. Event API POST

    Overview Within the API settings of your workspace, you can set up an API Post URL. If this URL is set, then for each event-type with API POST enabled in it's configuration settings, a response will be pushed to the Post URL for the workspace a...