How it Works
Every attack has a launch point, whether that’s an email address, IP address, URL, or domain. Using a combination of high-speed web crawling and small pattern analytics, Area 1 Security preemptively identifies campaign events and discovers these launch points in advance of the campaign going active. Combining that with deep contextual analysis of a target’s live email, web, or network traffic allows us to detect and block targeted phishing comprehensively, before the attack can cause damage.
ActiveSensors™ discover emergent campaign infrastructure and aggregate attack data from relay points that actors are using to launch their threat campaigns. Our ability to crawl the web at massive scale is unique, looking at every web page, URL, domain, and IP address to find tell-tale emergent patterns. Just as Google indexes the web for commerce and content, we index the entire web—8+ billion pages and 220 million TLDs every couple of weeks. That’s the most comprehensive web-crawling capability focused on uncovering threats ever built.
High-speed phish indexing through massive scale web crawling; biweekly full web sweeps
Actor infrastructure monitoring, infrastructure clustering and correlation
Live attack flow analysis, delivery mechanisms, campaign discovery, and real-time data exfiltration
Dynamic frontier management for deep and wide link traversals; along with ad hoc frontier variations
User and target impersonation-based crawls