Smart solutions for smarter
risk awareness

Subject matter expertise fuses with specialized technology to illuminate risk blind spots and empower organizations to make informed decisions.

Our Products

intelligence reports

Leveraging the same analytical tools and data used by our clients, our analysts monitor critical areas of the Deep & Dark Web in over fifteen languages to hand-pick and deliver timely, accurate, and relevant intelligence to empower your organization to make informed decisions.

Curated Alerting

Our analysts’ keen insights fuse with efficient automation, sifting through vast amounts of Deep & Dark Web data at scale to illuminate risk blind spots.

Analyst Assistance

Connect directly with our multilingual intelligence analysts to facilitate tailored threat investigations and deeper analyses of what is most relevant to your organization.

Api & portal

Flashpoint’s offerings empower analysts with safe access to Deep & Dark Web communities where valuable intelligence can be gleaned. We provide a RESTful API alongside a multi-faceted web platform to cater to your most efficient research workflow.
Advisory Services

Business Risk Intelligence Practice

Tailored solutions to those organizations starting, rebuilding, or expanding an intelligence function whether for a single function or to support risk broadly across the business. Flashpoint can design and deliver engagements ranging from a single-day workshop to month-long projects around establishing cross-functional intelligence fusion cells. Offerings include BRI Workshops, Intelligence Operations Training, Retained Advisory Services, and other product-based engagements.

Strategic Engagement Services Practice

Whether an organization is looking to identify and assess risk to their company and executives proactively or to support an ongoing incident or investigation, Flashpoint’s deep experience, expertise, and intelligence capabilities are ready to assist. Offerings include Rapid Risk Response, Deep & Dark Web Risk / Executive Risk Exposure Reports, Directed Actor Engagement, and additional Flashpoint analyst service hours.
Our team has rich experience in building intelligence operations at organizations such as HP, Bank of America, PNC, Fidelity National Information Services, and Deloitte, and we can now provide this expertise directly to you.
Contact the Advisory Services Team >
Use Cases

Cybersecurity & emergent malware

Background: Malware developers continually adapt their malware to bypass detection and controls. These new malware strains are often developed by actors operating in the Deep & Dark Web and then released into the wild without forewarning, leaving companies flat-footed and reactive.

Flashpoint’s Approach: Because Flashpoint’s Subject Matter Experts are embedded in illicit Deep & Dark Web communities, we are able to gain insights into malware development as it happens and facilitate a proactive approach to mitigation.
Use Case: In one instance, Flashpoint analysts embedded within a criminal underground community obtained an early version of unreleased point-of-sale (POS) malware yet to be deployed in the wild.

Outcome: Through coordination with various antivirus companies, information about the POS malware was quietly released in a manner that was timed and controlled — with the intent to not only prevent harm, but to prevent the malware’s author and POS customers from reacting.

Physical Security & Executive Protection

Background: As the overlap between the cyber and physical threat landscapes expands, threat actors continue active in illicit online communities pose serious risks to organizations’ physical security. But, as most enterprise physical security teams lack visibility into the cyber threat landscape and vice versa, organizations often are not fully aware of relevant physical threats.

Flashpoint’s Approach: In addition to extensive experience engaging with threat actors on the Deep & Dark Web, many of Flashpoint’s Subject Matter Experts have closely honed their physical security skills during time served in the US military and/or with public-sector intelligence agencies. When combined with targeted Deep & Dark Web monitoring, Flashpoint’s expertise helps organizations proactively identify and mitigate physical security risks.
Use Case: When a high-profile executive from a Fortune 100 company planned to attend a popular public event, the company’s physical security teams used Flashpoint’s Business Risk Intelligence to identify and investigate previously-unknown threat actors located in the vicinity of the event.  

Outcome: This visibility enabled security teams to leverage a threat-based approach by deploying resources in priority areas to protect their executive and reduce risks to physical security.

Third-Party Vendor Risk/incident response

Background: While organizations are often focused on their own security policies and procedures, they also need to have similar awareness of the risk posed by their vendors, customers, and partners — many of whom can have access to sensitive systems and data.

Flashpoint’s Approach: Flashpoint’s expansive coverage of the Deep & Dark Web provides a robust view into a company’s ecosystem and helps rapidly assess the risks posed by third party relationships.
Use Case: A Fortune 50 customer was indirectly hacked through one of their international clients, resulting in the exfiltration of sensitive customer information. Utilizing Flashpoint’s data, the company was able to obtain information from the underground criminal forum where the customer information was released.

Outcome: In addition to confirming the existence of this data, the company further learned that the leak was much greater in scale than initially thought, totaling over 90 million U.S. records pertaining to hospital patients. Flashpoint analysts assisted the company in obtaining a sample set of the data and worked with the customer to help limit further exposure.


Background: Fraud is one of the most persistent threats across the enterprise that is not easily detectable with purely technical indicators. Ranging from social engineering and insider trading to phishing, credential harvesting, and identity theft, threat actors are constantly developing new exploits for financial gain. Combatting fraud often presents challenges stemming from detection difficulties, language barriers, technical complexities, and lack of visibility into the Deep & Dark Web.

Flashpoint’s Approach: Flashpoint’s multilingual Subject Matter Experts have spent years immersed in the Deep & Dark Web analyzing fraud across various illicit communities that often have complex techniques, tactics, and procedures (TTPs) to engage in fraud. This combination of in-depth expertise with these TTPs and robust intelligence equips organizations with the context and visibility necessary to proactively mitigate even the most complex fraud schemes.  
Use Case: Flashpoint uncovered a plot to exploit the upcoming US implementation of Europay MasterCard Visa (EMV). Deep & Dark Web intelligence revealed that threat actors had developed specific EMV-chip recording software and manufacturing techniques to fabricate chip-enabled credit cards.  

Outcome: Flashpoint’s financial industry customers used this information to get ahead of the threat prior to the US-launch of EMV, enabling them to engage in intelligence-led anti-fraud implementations and tailored go-to-market strategies in order to mitigate the financial loss and damaged brand reputation associated with large-scale fraud.

Insider threat

Background: Insider threats arise when rogue employees exploit access to their organization’s sensitive internal information for personal or political gain. While enterprise security teams often focus on mitigating external attacks, many organizations lack visibility into the potential threat of insiders secretly profiting off of confidential corporate knowledge or intellectual property. Likewise, others may desire to engage in violent political action that can harm both the company’s physical property and reputation.

Flashpoint’s Approach: Flashpoint combines an intimate familiarity with malicious insiders’ techniques, tactics, and procedures (TTPs) with targeted monitoring of the Deep & Dark Web to help organizations proactively mitigate insider threats.
Use Case: Flashpoint’s intelligence from an underground forum revealed that a rogue employee of a multinational technology company was preparing to profit from stolen source code from unreleased, enterprise-level software.    

Outcome: Flashpoint immediately alerted the company and helped them complete an internal investigation, work with law enforcement to support the employee’s arrest, prevent the illicit sale, and preserve the company’s intellectual property.