Brand-monitoring, reputation and risk-assessment in one tool.
Rating: 9 out of 10
Incentivized
Use Cases and Deployment Scope
We mainly use RF for our brand-monitoring, to maintain our reputation and for monitoring partner companies. They offer scanning of a wide range of the internet, be it public sources like various pastebins, GitHub, or social media, as well as forums on the darknet. This helps identify if any company assets have been leaked (by employees unintentionally as well as through potential fraudsters). Additionally, it helps us with identifying the severity of vulnerabilities by assessing how many PoCs are available or how often certain vulnerabilities are mentioned in related channels.
Pros
- Everything they find is also available in their own cache. So for example if a pastebin expired, you can still view it later on.
- The risk score of vulnerabilities shows actual malicious activity. Imagine the CVSS score is medium, but there is a lot of exploit chatter; you want to prioritize fixing this vulnerability.
- Their watchlists are easy to set up and offer monitoring your tech-stack, peers, persons of special interest, etc.
Cons
- Email reports can show unrelated content; in particular, sometimes you'll see alerts popping up for articles which were published years ago but for some reason were just recently discovered by RF.
- YARA rules from their Insikt blog sometimes are not syntactically correct and need to be manually edited to actually work. There's some proper QA missing.
- Their global and 3rd party risk reports could be more tailored towards the industries of their clients. There are entries for totally unrelated security incidents. Of course a global list aims to find incidents on a global view, but it doesn't add much value at that point.
Likelihood to Recommend
If you need to know who talks about your company, or whether it may even be a target, you should consider using RF. As my company is providing services for resellers, we are also concerned about which customers these resellers attract, as they can impact other customers using our shared infrastructure. Evaluating risk of partners or of products is another feature I'm using here.
So far it hasn't helped much in identifying the reputation of IP addresses; that's probably also due to the nature of my requests, which are not necessarily covered by RF.