Ransomware & dark web monitoring

Know when your company appears on ransomware sites.

Monitor company names and domains. Review the source, actor, date and category in one dashboard.

Free scan. No credit card. Alert-profile matches stay in the dashboard.

Start with one domainRun a free check without a sales call
Review source evidenceSee the title, actor, date and source link
Review matched evidenceUse the dashboard, then query the API when needed
How it works

Turn a company name into a repeatable watchlist.

Built for teams that need exposure awareness but do not want to operate a separate threat-intelligence program.

1

Define what matters

Add a domain, company name, threat actor, category, country, or industry. At least one criterion is required.

2

Review current matches

After creating a profile, search the existing archive and inspect the underlying threat record.

3

Monitor continuously

Review new matching records in the dashboard and Match history.

What the production flow looks like

The first result comes from the current production index.

Run the free scan, create a trial account, and review matched source records in the dashboard. The product shows the source title, actor, observed date, and next review step.

Exposure matchREVIEW
OrganizationMonitored company or domain
CategoryRansomware or dark web mention
EvidenceSource title, actor, observed date and source URL
StatusRequires analyst review
AccessDashboard and Match history
First-party dataset

29,858 collected threat records from the first half of 2026.

We analyzed records collected from January through June and checked their shared metadata for consistency. The study publishes the aggregation method, field completeness, three de-identified record examples, and downloadable CSV and JSON files.

29,858period-matched threat records
29,853records matched across both sets
6 monthsJanuary 1 through June 30, 2026

Each record reflects one collected source observation. It is not independent proof of a confirmed security incident.

Simple annual plans

Monitoring first. API when your workflow needs it.

Every plan is a product subscription. The site does not bundle penetration tests, vulnerability assessments, or incident response into these plans.

Detection

$388 / year
  • 5 alert profiles
  • 1-year rolling feed
  • Search and dashboard
  • Dashboard match history
Start 14-Day Trial

Defend

$20,000 / year
  • Unlimited alert profiles
  • Full threat history and export
  • Unlimited API requests
  • Up to 100 API keys
Discuss Requirements

Annual billing. Trial limits are documented on the pricing page. API use remains subject to authentication and abuse controls.

Trust without invented badges

Verify the product on your own terms.

We publish what the product does, its current security controls, API behavior, and the live scan pathway. We do not claim certifications that are not publicly documented.

FAQ

Questions before you start

What does the free scan do?

It checks the submitted domain against the available exposure data and presents the result on the site. It does not create an alert channel or send customer email.

What happens after I create an account?

You create a monitoring profile with at least one criterion. The platform then takes you to current archive matches when a company, domain, or actor was supplied.

Where do alert-profile matches appear?

Matches appear in the signed-in dashboard and Match history. Outbound Email, Slack, Teams, browser push and webhook delivery is currently unavailable.

Which plan includes API access?

Protection includes 1,000 requests per day with a 10-request-per-minute limit. Defend includes unlimited plan-level requests, subject to authentication and abuse controls. Trial keys have lower limits.

Is this a penetration-testing or incident-response service?

No. The plans shown here cover the monitoring platform and the listed data, export and API limits.

Start with the question you can verify today.

Has your company or domain appeared in the exposure data?