Cinder Guard

Hands-down most coverage

  • Early warning before hackers exploit
  • Continuous and real-time monitoring
  • Monitors all sources, such as dark web, brand monitoring sites, social media and more
  • IP/domain reputation control
  • Fraudulent mobile app and domain tracking


There are simply too many security related breaches, leaks or incidents happening every day. Monitoring all of these security events is impossible for many organizations, even for the large ones! CinderGuard Cyber Threat Intelligence makes this easier by monitoring every single event, watching every single movement, collecting information related to your organization from millions of data points.

Data Leakage Monitoring

Data Leakage Monitoring continuously scans well-known hacking and breach sites to find any financial information, credit cards, personally identifiable information (PII), IP / Domain addresses, e-mails, passwords, usernames and information related to the intellectual property. Customers can use this information to take quick actions before hackers and other cyber criminals use it.

Social Media Monitoring

Social Media Monitoring engine instantly monitors social network sites such as twitter, reddit, github, facebook fan pages, google+ etc. The result is correlated with customer assets in order to detect any potential data leakage or a possible cyber attack. With the help of this engine, the customers prepare themselves for potential attacks such as putting DDoS protector into mitigation mode rather than monitoring mode.

Fraudulent Domain Tracking

Fraudulent domains are frequently used by phishing attacks those targeting either a company’s employees or customers. Companies get notified if a fraudulent domain is registered or a domain’s IP address is changed. The output of this engine can be used by Anti-Spam, IPS, IDS, FW, WAF or other border protection platforms.

Botnet Control

Botnet Control regularly checks whether an IP address or Domain Name of a customer is blacklisted or if it is a member of a botnet. Customers are regularly informed about their IP/Domain reputation giving them a piece of mind that their public IP addresses are white listed.

Passive Vulnerability Scanning (PVS)

Continuous vulnerability scanning is required in order to identify whether a customer’s system is affected by a recent security flaw. However, vulnerability scanning has an overhead on any system. Not to overload the customer system, Passive Vulnerability Scan Engine takes a snapshot of the target system on our servers, and periodically checks whether the system is vulnerable to a newly discovered security flaw.

Personally Identifiable Information (PII) Tracking

There are hundreds of millions of e-mail / password / username leaked on the internet. Personally Identifiable Information (PII) Tracking engine collects breaches and correlates these leaks with customer contacts or users to notify if companies’ users or customers are affected.

Phishing Web Site Monitoring

Phishing Web Site Monitoring engine periodically collects phishing site / URL / domain lists and analyzes this addresses whether they are a company’s phishing site of an web application asset.

DeepWeb / DarkWeb Mining

DarkWeb / DeepWeb analysis engine simultaneously digs famous Tor sites and IRC channels to find out any data breach of customer intellectual properties or personally identifiable information. CinderGuard’s security analysts even pay to buy the leakage those are sold underground markets.

Smart Intelligence

Companies usually hacked because of security flaws those are appear on 3rd party companies. Such as if a forum site is hacked, hackers get a lot of credentials. They tend to use these credentials in customer’s site and unfortunately people usually use the same password for different web applications. Smart Intelligence sub-module analysis 3rd party security breaches and vulnerabilities those may related with the customer.

Brand Watch

Brand Watch engine passively monitors customers’ Twitter account, Facebook fan page, Youtube channel etc. for an anomaly or defacement. It also provide a comprehensive security related information about Alexa position, Shodan, ZoomEye, Cymon, VirusTotal scan results, AlienVault Threat info etc.

Fraudulent Mobile App Monitoring

Mobile app markets have no limitation to submit a fraudulent app. One can create a fraudulent or phishing app and submit it to Android or iOS App Store. Mobile App Monitoring engine creates an alarm if a mobile app with the same or similar name appears on the markets.

DNS / Domain Whois Monitoring

Cyber criminals sometimes try to hack Domain Name Registration services in order to transfer a legitimate domain to themselves or change the corresponding IP addresses of a DNS record in order to perform Man-in-the-Middle attack. DNS monitoring service instantly creates an alarm when the customer’s Domain Name Registrar information is changed, the resolving IP is changed or even when a fraudulent domain’s IP is changed.

Paste Site Monitoring

Paste sites such as,,,, etc. are instantly monitored by Paste Site Monitoring engine which monitors for any leaked sensitive information such as financial information, credit card data, personally identifiable information (PII), IP / Domain address, e-mail, password, username and information related to the intellectual property.

Threat Feeds

We monitor and notify you when we find any data about recent attack vectors, news, defacements, malwares or phishing activities. All of which give an idea about cyber criminal tendencies and methods.