SAGA® data collections are expandable and user-friendly security resources that require a minimum of configuration from your side to start accelerating threat detection and investigation.
The collections are designed in close collaboration with our clients and partners and offer the widest and deepest possible range of collections. SAGA® “pay-as-you-use” modular approach allows you to receive high-quality and cost-effective intelligence delivered in real-time.
The forums collection includes a variety of online sources which are referred to as forums, message boards or online discussion groups.
This source type often contains discussions via posts, images, direct comments, nested comments and comments in multiple layers.
Some of the forums are commonly protected by login or captchas, 2-step verification or even puzzles with tasks (e.g., a riddle or a hack) to get access to the content, which complicates the investigation.
The forum collection offers you superior cyber security coverage via millions of posts from a vast network of sources, updated around the clock.
Marketplaces and shops
A deep and dark web marketplace is a market or shop where goods including pharmaceuticals, drugs, hardware, software are sold. The fear of being exposed while using traditional e-commerce markets like Ebay or Alibaba, moves buyers and sellers to the dark web. Providing anonymity for its users, deep/dark marketplaces and shops became extremely attractive to criminals.
The SAGA® proprietary web scraper enables you to monitor and preserve this data. Apart from providing an ongoing overview of available “goods” on markets, SAGA® provides you the possibility to perform deep-dives and investigate specific target sellers.
Social media enables people to share and access real-time content easily and efficiently. At the same time it is widely acknowledged that many social media platforms are used to facilitate illegal transactions. This can include threats on VIP or public figures, counterfeit goods, or even drugs being sold in closed groups.
Facilitating ultra-scalable monitoring and evidence collection, SAGA®can save you up a massive number of man-hours. Develop cost-effective and efficient systems, going beyond conventional cybersecurity approaches.
Despite selling only one product, carding markets are getting more and more popular. The reason for popularity is the full package that goes along with this unique good – payment cards. Your card number, CVV and even data encrypted into the card’s magnetic stripe is no longer secured and can be used to simply buy products online or even commit a crime.
The deep and dark web is full of payment cards of different formats. The carding markets can sell information sorted by location, BIN and even credit limit. Each year these markets are represented by millions of cards for sale with tens of millions euros lost by their original owners.
The SAGA® system gathers and delivers stolen payment card data in real time. It enables you to receive payment card data as it comes for sale before any fraud has occurred.
A data leak is a dataset usually available on deep- and dark web hacker forums. This dataset can include massive amounts of personal email, login and password combinations or even sensitive additional personal data like Social Security numbers, personal and medical information.
SAGA® guards your business against the most recent leaks with an automated engine that constantly discovers new sources of leaked data and includes up to 5 years of compromised history. SAGA® moves beyond the standard detection of compromised emails and passwords to include user ID, CC, account names, SSN, phone numbers, and many more.
Paste sites & code repositories
Paste sites are anonymous and user-friendly websites that let users share large plain text files through public posts called “pastes”. A paste is text that has been pasted (or written) onto a website that receives its own unique URL so that it can be easily shared with others.
Basically pastes can contain any digital information: personal information, source code, bank accounts, credit card numbers, whistleblowing documents, API keys for access to infrastructure, usernames and passwords for various online services, links to child pornography, etc.
But they are most commonly used for sharing code snippets. Alongside code-sharing content, paste sites have become popular platforms for illegal activities, such as breached data, financial fraud, ransomware notes, doxxing, etc.
One of the top paste sites is Pastebin. Due to its success, pastes have become very popular. New sites opening up all the time, offering hackers and cyber criminals endless opportunities to publish their pastes. Being not a public part of the deep web, pastes are not indexed by search engines and can’t be monitored frequently. That means illegal content isn’t detected as quickly as it can be.
The paste sites and code repositories collection also monitor cloud repositories, public folders and peer-to-peer networks for data that represents leaked confidential or sensitive information including underground criminal activity and communication.
Fortunately, SAGA® regularly engages in detecting these new sites, including those in the deep web. Our coverage currently contains dozens of paste sites, including new ones such as Cpaste, Paste4BTC, and Skidbin. The last one is mainly focused on doxxing.
Domain & whois data
Phishing attacks are one of the most common methods used to steal valuable personal information.
This collection arms your organization and VIPs against phishing and cybersquatting with intelligence around attempts to steal employee information or compromise your assets. It monitors exact matches, variations and common misspellings of domains, for example, to detect websites selling counterfeit products.
SAGA® monitors exact matches, variations and common misspellings of your brand name and trademarks. It enables the search across all recently registered and deleted domain names and gets sets of domain names that contain terms that are specified by you.
Monitoring of media provides a global overview of various trends and news. Furthermore, it feeds raw data into analytics systems, providing an outline of hotspots and relations links.
This collection includes 170.000 global news sources across 150 languages. Beyond this, any existing news source or website news section can be monitored with SAGA®.
SAGAs® leading-edge technology can search and stream millions of news articles every day. You can granulate the content by preselecting certain countries, languages or media types to ensure that you get precisely what you need.
Any device that is directly connected to the internet may contain publicly-available information. This information might be used by cybercriminals to gather information or attack companies and personal systems.
The Exposed Services data module scrapes the data of any possible vulnerable networks and devices connected to the internet: software, webcams, internet routers, security cameras, thermostats, water treatment facilities, yachts, medical devices, license plate readers, smart TVs, etc.
SAGA® helps mitigate such cyber threats as banner grabbing, firewall issues, unauthorized or vulnerable IoT devices, and outdated software that could significantly increase the chances of data leaks.