eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Terbium Labs announced Matchlight, an intelligence system used to find compromised or stolen data as soon as it appears on the Dark Web—a hidden layer of the Internet.
Using a privacy-protected method, Matchlight creates digital fingerprints of a company’s files and data — even partial copies of data as small as a single account number or line of code, can be detected – and matches them against Terbium Labs’ database of digital fingerprints.
The system is available under a an enterprise software- as- a- service (SaaS) licensing model, with pricing based on size and volume of digital assets to be fingerprinted.
“Right now, finance, healthcare, manufacturing, and retail are all getting hit incredibly hard. Most of these companies search for their data by hand, if at all,” Danny Rogers, CEO and co-founder of Terbium, told eWEEK. “We can automate that process, covering more of the Internet more quickly than any human. Additionally, our private data fingerprinting technique allows us to automatically search for data a company would otherwise consider too sensitive to reveal to any vendor.”
Rogers said Terbium started from the thesis that defense, while still necessary, is no longer sufficient.
“While most information security technologies focus internally, we look outside a company’s network borders for signatures of their unique data,” he explained. “We strongly believe that a more proactive approach to information security is required.”
Terbium Labs also offers an automated, privacy-protected search featuring one-way fingerprinting, which means clients don’t have to reveal their information in order for the company to search on their behalf.
When a fingerprint match occurs, indicating a data breach, the organization receives an immediate notification and a forensics report to aid remediation.
Matchlight works regardless of the type of breach, be it a zero-day exploit, advanced persistent threat (APTs), socially engineered attack or insider threat.
Assets are continuously monitored and instant alerts are sent via email or through Security Information and Event Management (SIEM) integration.
In addition, Matchlight digital fingerprinting can be integrated into existing SharePoint deployments or other document management systems, and for enterprise development teams, Terbium Labs can integrate fingerprinting into existing build processes using post-update hooks.
“We see the market shifting toward a risk management approach to information security,” Rogers said. “Previously, information security was focused on IT and defensive technologies. These days, the most innovative companies are no longer asking if a data breach is going to happen, but when. In fact, the most innovative companies are asking what has already happened that they might not know about. This is where Matchlight provides a unique solution.”