The BreachSight module of the UpGuard CyberRisk platform is where you can monitor and manage cyber-related risks that your company is directly exposed to. These risk include:
Web Risks: Risks identified in the configuration of your Internet presence.
Identity Breaches: Third-party data breaches that include credentials (email addresses) belonging to your company.
Data Leaks: Data belonging to your company that is exposed on the Internet.
The Web Risks section shows you all the internet domains that are associated with your company. Next to the domain name, you’ll see its CSR score, followed by the date when the domain was last scanned. To get more information on a particular domain, simply click on the name of the domain and a panel will open on the right side of your screen. In this panel, you can find the IP address of that domain and a list of all checks that have passed and failed, complete with actual vs expected values for failed checks.
The Identity Breaches section shows where your company email addresses have been exposed in third-party data breaches. You’ll see the name of the breach, the date it occurred, and how many emails (associated with your company) were included in the breach.
To learn more about a breach, simply click on the one you’re curious about. At the top of the page, you’ll see a summary of where the breach originated, how many people were impacted, and any other relevant data. Below that, you’ll see a list of all the emails in your organization that were part of the breach in question.
Findings are automatically sorted by date, with most recent showing up at the top. You can also sort by name or number of employees involved by clicking on the relevant header
The Data Leaks section displays the results from the data leak detection undertaken by UpGuard. Whenever UpGuard detects a new data leak related to your company, your assigned Security Analyst will publish the details of this finding, and it will appear under the Data Leaks section.
You can review the details of the data leak, communicate with your Security Analyst, and mark the finding as closed once you've remediated it.