In June 2015, Terbium Labs launched Matchlight, a first-of-its-kind data intelligence system used to find stolen enterprise data on the dark web within minutes of it appearing.
In this podcast recorded at RSA Conference 2016, Danny Rogers and Tyler Carbone, Chief Executive Officer and Chief Operations Officer of Terbium Labs respectively, talk about Matchlight in detail.
Matchlight is built upon a massive dark web search engine, scanning the all corners of the internet for stolen or leaked data. It employs a patented data fingerprinting technology that uses fuzzy hashing to create a one-way digital signature of any type of data, enabling companies to automatically search for their sensitive information without revealing it to anyone, even Terbium. If even a trace of a client’s data appears somewhere it shouldn’t, Matchlight automatically generates a notification so that they can identify the breach and quickly set a response and recovery plan in motion.
Offering the world’s first fully private, fully automated data intelligence system, Matchlight’s real-time search and identification of stolen data on the dark web lets organizations know immediately that a breach has occurred. As a result, they can avoid the delayed incident response that leads to increased damages. The system works regardless of the type of breach – zero-day exploits, APTs, socially engineered attacks or insider threats – and is complementary to other enterprise security products. Data fingerprints are continuously monitored and instant alerts are sent via email or API for ease of integration into existing tools and processes.
Organizations that fingerprint their most sensitive data, such as personal information of employees, customer information, etc., would know immediately that their data has appeared on the dark web, receiving automatic notifications enabling them to kick off breach remediation within minutes rather than weeks or months.