Documentazione renderizzata
Questa pagina renderizza Markdown e Mermaid del modulo direttamente dalla fonte pubblica di documentazione.
Overview#
The Dark Web Monitoring domain provides keyword-based monitoring across dark web sources to detect mentions of sensitive information. Organizations define keywords to track and configure sources to scan, with alerts created and routed through a lifecycle from NEW through RESOLVED when matches are detected.
Key Features#
- Keyword tracking for emails, phone numbers, names, credit cards, SSNs, and IP addresses
- Source scanning across pastebins, forums, marketplaces, breach databases, onion sites, Telegram, and IRC
- Alert lifecycle management from NEW through ACKNOWLEDGED, IN_PROGRESS, and RESOLVED
- Severity classification for detected matches
- Graph relationship modeling linking alerts to matched keywords and discovery sources
- Organization-scoped keyword and alert management
- Dual-database persistence for transactional and graph-based analysis
- Configurable source selection per organization
Use Cases#
- Monitoring for leaked organizational credentials on dark web forums and pastebins
- Tracking mentions of sensitive personnel information across dark web sources
- Detecting compromised financial data on dark web marketplaces
- Alerting on dark web mentions of organizational assets and IP addresses
Integration#
Integrates with alert management, investigation, and notification domains. Supports background scanning via dedicated worker services.
Last Reviewed: 2026-02-24