What is your exposure and how should you respond?


  • Risk assess leaked credentials.

    Everyone has lost data to the dark web, some more recently than others. Triaging whether the data presents a real risk or is an active indicator of compromise is part of the analysis performed by the Talanos intelligence team. Impacts are quantified and, if necessary, the team will run incident response.

  • Detect and take down spoofed domains.

    Typosquatting domains and spoofed websites created to steal your users' credentials are registered all the time. Talanos will detect when material that infringes your copyright and trademarks is published and proactively take down the domains and pages before they become a threat.

  • Identify infected machines.

    Metadata attached to breached data provides a wealth of information on how the data was collected and where it could subsequently be used. Talanos analyses this data to determine a number of insights, such as whether endpoints have been infected with malware or whether MFA has been effectively rolled out.

  • Detect inbound and outbound Tor traffic.

    Although there might be a legitimate reason why an end-user would connect to your public-facing website from the "Dark Web", it is highly suspect if your infrastructure connects outbound to a Tor network, and this is an early indicator of compromise. Talanos monitor these network behaviours to proactively detect emerging threats.

Responding to emerging threats.

Consolidating data from multiple sources, Talanos analyse the data and triage the incidents to determine their impact and priority. If an incident is determined to be a true positive, the team will then work to neutralise the threat on behalf of the customer. Finally, the contained incident (and its associated data) is raised with the customer, detailing the findings, the steps taken to resolve it and any additional recommendations based on observed issues and indicators. For example, we've detected instances where:

  • Staff have been using their corporate credentials on third-party and personal websites.
  • The personal machines of end-users are compromised by malware, leaking their company data.
  • Default and simple administration credentials are being used.
  • Critical systems are missing multi-factor authentication.
  • Malicious insiders are leaking intellectual property to competitors.

Intelligence gathering and sharing.

In addition to a number of paid intelligence sources, Talanos also directly gather information and intelligence from a variety of other sources:

  • Access to a number of dark web forums and Telegram groups.
  • Open Source Intelligence (OSINT).
  • Closed and government threat intelligence forums.
  • Vendor, industry and community based intelligence sharing.

Talanos also contribute anonymised threat intelligence to the communities to which we belong.

Understand your exposure: speak with our threat intelligence team.

ISO 27001:2022 Compliance

ISO 27001:2022 Annex A, Control 5.7 introduces the importance of adopting a structured approach to threat intelligence. By understanding potential threats, vulnerabilities and exploits, organisations can better protect their information assets and mitigate cybersecurity risks effectively.

Organisations looking to rapidly satisfy their ISO 27001 threat intelligence requirements can rely on Talanos’ meticulous documentation, policies and procedures to evidence their compliance.

  • "Talanos proactively prevented an attack on our staff and customers"

    The initial assessment was a really good report, easy to read, concise and well written. The team had also summarised the report in a slide which I included in my board presentation which was most helpful.

    I was really impressed with their detection and response capability and ...

Ask us about our partner pricing for MSPs

Talanos believe that every organisation, no matter their size, should be able to afford access to our Dark Web and Deep Web intelligence. If you're a managed service provider servicing small and medium enterprises, you could qualify for substantial discounts.

The Talanos Difference.


  • 9+/10 customer recommendations based on NPS scores.

  • Graduate placement program to grow cyber skills.

  • Average employee tenure is 7 years.

  • Each staff member has on average 8.65 cyber and IT qualifications.

We're working to embed our values into everything we do and our customers notice:

No surprises!

  • Transparent pricing, no hidden costs and focused on measurable ROI.
  • Streamlined and flexible contracting, ensuring ease of doing business.

Talented People.

  • Exceptional people backed by robust security and quality delivery systems (ISO 27001 and ISO 9001 accredited).
  • Passionate about cyber, demonstrated by industry-leading certifications and groundbreaking research.

Always There. Always Caring.

  • Named analysts who become an extension of your team, offering expert advice and proactive recommendations.
  • Global 24/7 team delivering resilience and diverse thinking, supported by regional teams for the local touch.

Frequently Asked Questions

What does Talanos do when they discover leaked credentials?

Our process when discovering any vulnerability is to actively exploit it in a non-destructive manner that protects the confidentiality, integrity and availability of related data. The purpose is to evaluate the associated risk and assess whether the vulnerability has been previously exploited for malicious intent.

Explicit permission is gained from the customer beforehand to:

  • Attempt to exploit known vulnerabilities in a non-destructive manner; and
  • Attempt to log in with breached credentials;

so that Talanos can evaluate the risk per discovered item and rate the severity of incidents raised.

Is your threat intelligence data sourced ethically?

Yes. The intelligence that is directly gathered by Talanos, including that from our Dark Web forum and Telegram group memberships, is gathered ethically. We never purchase data from illegitimate sources or participate in activities that would result in the compromise of the confidentiality, integrity or availability (CIA) of an organisation's assets.

Do Talanos provide takedown services?

Yes. When Talanos discover a typosquatting domain that is infringing on your trademark, has been weaponised with an email server or is hosting a phishing website, we'll initiate a proactive takedown process to stop the attacker from executing their campaign before they start.

Talanos will also report abuse to email and third-party hosting services to raise the cost for attackers, ensuring their infrastructure is disabled.

We have a high success rate because we follow strict guidelines on abuse reporting, our reports contain detailed evidence, and we follow up and escalate regularly.