Cybersixgill Investigative Portal Valuable Features

Lead Cyber Threat-Intelligence Analyst at a educational organization with 10,001+ employees

One of the most valuable features is the ability to be alerted to any possible imminent attack, or mention of your organization by a possible attacker.

It is also of the highest importance that it runs on a collection of Deep Web, Dark Web, and closed sources. This tool is a must for any organization that has a large footprint. The solution’s approach of using limited open source intelligence and focusing, instead, on the Deep Web and Dark Web is what seals the deal. That is why I like them. I have other tools that I can aggregate all the open source intelligence from. I value Cybersixgill because it provides access to things that no one else does. And the tool is configured to do this in a way that provides advanced analysis. That is one of the main values that it provides. They are not just aggregating open source news and feeds, they're actually gaining access to real intelligence.

The size and scope of the solution's collection are pretty impressive. I am impressed with the ease through which the tool allows you to track threat actors who are likely to target you, on a variety of underground forums which are closed. These are sources that would require a solid effort to infiltrate. The automatic translation of any exchange within the platform makes it the most expedient solution for automated threat intelligence and chatter monitoring.

Cybersixgill has also enabled us to access sources which we have not seen anywhere else. They have access to closed forums that I don't want to mention, but that access is important because it's not available anywhere else.

View full review »
General Manager - Cyber Security at a consultancy with 11-50 employees

We can easily conduct searches on leaked credentials. It gives us the ability to look at a timeline and build profiles against companies that we are trying to protect, then track changes to credentials or leaking bucket/cloud services associated with those companies. That is the benefit for us. A lot of it is stuff that we can do manually, but it is more about the time it takes as well as the number of analysts you need to do it compared to getting it provided as a quick service.

It is scalable in that we don't need a dozen people to do the work. With this tool, one person can do it.

View full review »
Head of Cyber Intelligence at a tech services company with 501-1,000 employees

In the search engine, you are able to use operators. These operators allow you to do specific searches or open searches. The main things are:

  • If you want to search everything related to a specific malware family but you don't want to have anything related to specific search. So, you can just upload it from the search engine and search for it. 
  • If you only wanted to know about one specific vulnerability, but you don't care what is in Telegram or GitHub as repositories, then it will only care for these things in the dark web forums. You can narrow your search to that. 
  • If you want only sites in Spanish, but not in other languages, you can narrow your search to that. 

There are a lot of possibilities when using the search engine. It has become really useful for my analysts.

The solution has enabled us to access sources that we have not seen anywhere else, such as Telegram. It also gives us access to the Genesis Marketplace. Otherwise, we would have to pay someone for that. However, with Cybersixgill, we can go to the platform and search for whatever we want. 

View full review »
Learn what your peers think about Cybersixgill Investigative Portal. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
509,570 professionals have used our research since 2012.
Manager of Cyber Intelligence Center at a consultancy with 10,001+ employees

One of their strong points is flexibility. That means that once I log in to the Sixgill portal, I can search anything with a specific enquiry. Sixgill provides dark web information based on the search query. By using a combination of the queries, we can exclude various information. It's a very powerful feature of Sixgill.

Regarding the solution's scope, they already provide many things, and they are gradually extending their coverage. They also cover Twitter, Reddit, and some social media. The only thing they don't cover is security news from open sources.

They also provide some of the greatest notification capabilities. I put in a customer's company name and domain names, or sometimes I put in their IP addresses as a keyword. Once Sixgill collects information that includes those keywords, they then provide us email notifications. That means we can catch information related to our customers as soon as possible. Sometimes threat actors share vulnerable website leaks, and if one contains a client's assets, we can catch it quickly and notify the client.

Sixgill also provides threat actor analysis capabilities. When we catch some information regarding a client, such as when some dark web forum member mentions a client's asset, before we report it to the client we conduct a threat actor analysis. Not all members of dark web forums are serial cyber criminals. There are also some kids. Sixgill's threat actor analysis capability provides us with that threat actor's reputation on the forum and helps us know whether a post is very serious or not. We can understand who the threat actor is and whether he is a serious hacker or not. It's very useful information.

View full review »
Learn what your peers think about Cybersixgill Investigative Portal. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
509,570 professionals have used our research since 2012.