SPYCLOUD FAQS

This is the spot for answers to the most frequently asked questions (FAQs) about all things SpyCloud. For better understanding of terms we use regularly, you can also visit our glossary.

PRODUCT

How does SpyCloud work?

SpyCloud recaptures and enriches the largest database of stolen identity data, including credentials and PII, from the dark web and other closed sources in the criminal underground. Our team continuously ingests and intelligently analyzes more than 25 billion assets every month from data breaches, malware-infected devices, combolists, and success phishes.

SpyCloud's vast recaptured data repository gives organizations the ability to correlate exposed data from an individual’s digital footprint – past and present, across managed and unmanaged devices - giving more visibility into the exposed identity and associated risk. When exposed data is found, SpyCloud alerts affected organizations so they can take action to secure affected identities of their employees, customers, partners to prevent account takeover, ransomware, session hijacking, and online fraud.

What types of organizations can benefit from SpyCloud's products?

SpyCloud's products are beneficial for a wide range of organizations, including software/technology firms, financial institutions, government agencies, healthcare providers, ecommerce companies, educational institutions, and even cybersecurity companies, among others – effectively any organization with employees, suppliers, and customers.

What is account takeover (ATO) and how does SpyCloud prevent it?

Account takeover (ATO) occurs when unauthorized individuals gain access to user accounts using stolen credentials or authentication information. ATO attacks can lead to follow-on attacks, identity theft, financial loss, and reputational damage for individuals and organizations.

What sets SpyCloud apart from other cybersecurity solutions?

SpyCloud provides holistic identity threat protection by detecting and analyzing exposed identity elements – like credentials, session cookies, and PII – sourced directly from the criminal underground. SpyCloud's solutions enable automated remediation of compromised identities, helping organizations quickly neutralize threats like account takeover, session hijacking, and ransomware. By continuously monitoring and resetting exposed identity assets, SpyCloud reduces risk across the entire identity lifecycle.

How frequently is SpyCloud's database updated?

SpyCloud continuously monitors the dark web and updates its database with third-party breach, malware-exfiltrated, and phished data. Our process gives our customers access to the most current exposure information to protect their accounts quickly and effectively.

Does SpyCloud offer dark web monitoring for specific industries or sectors?

Yes, SpyCloud offers continuous dark web monitoring for various industries and sectors, including finance, healthcare, retail, technology, and more. That said, SpyCloud goes well beyond typical dark web monitoring to actually remediate exposed authentication data on a continuous basis, enabling your team to scale its impact without adding additional headcount or tools.

What kind of data does SpyCloud monitor for on the dark web?

SpyCloud monitors a wide range of data on the dark web, including stolen usernames, passwords, email addresses, credit card numbers, social security numbers, and other personally identifiable information (PII) that could be used for identity theft or fraud. We also recapture newer targeted data types like stolen session cookies, device fingerprints, API keys and webhooks, and crypto wallet addresses.

What should I do if SpyCloud alerts me to a compromised user or account?

If SpyCloud alerts you to a compromised account, it's important to take immediate action to secure the account. This may involve resetting passwords, reviewing account activity for any signs of unauthorized access, notifying the user, and taking appropriate Post-infection remediation steps if the user has been infected with malware.

Does SpyCloud have a Responsible Disclosure program?

Yes, our Responsible Disclosure team regularly engages with organizations identified in breaches to ensure they have access to the raw data and can remediate any potential user or employee exposure due to the release of the information.

How does SpyCloud stay ahead of emerging cybersecurity threats?

SpyCloud invests heavily in cybercrime research to stay ahead of emerging cybersecurity threats. Our team continually monitors and analyzes evolving tactics and techniques used by cybercriminals and adapts our technology and processes accordingly to provide the most effective protection for our customers.

Is SpyCloud suitable for small businesses and startups?

Yes, SpyCloud's products are scalable and can be tailored to meet the needs of small businesses and startups. From Fortune 100 businesses to SMBs – no matter the size of your employee or customer base, SpyCloud can help you protect your accounts and sensitive data from cyber threats.

PRICING

What does SpyCloud pricing look like?

SpyCloud pricing is determined by the solution you purchase: Enterprise Protection, Consumer Risk Protection, or Investigations. We also offer special pricing packages for data partners.

What is the pricing for SpyCloud Enterprise Protection?

SpyCloud Enterprise Protection helps organizations protect, prevent, and remediate compromised employee identity data. Pricing is tiered by the number of employee accounts protected. Contact us for a quote.

What is the pricing for SpyCloud Consumer Risk Protection?

SpyCloud Consumer Risk Protection helps organizations preserve consumer account integrity and minimize risks from account takeover, fraud and unauthorized access. Pricing is tiered by the number of customer accounts protected. Contact us for a quote.

What is the pricing for SpyCloud Investigations?

SpyCloud Investigations is available to purchase as an API or portal. Pricing for the API is tiered by number of queries. Pricing for the portal is tiered by seat count with unlimited in-portal queries, and up to 200 API queries included per seat at no additional cost. Contact us for a custom quote.

Does SpyCloud offer volume discounts?

Yes. Please contact our sales team for details and support.

I don’t want to buy a specific SpyCloud solution, can I just use your data?

We offer data partnerships to leading global technology, financial services, and security organizations who want to enhance their security, fintech, and fraud detection products with our insights. You can learn more about our data partnerships here.

I’m an MSSP or MDR provider, can I offer SpyCloud to my customers?

Yes, we partner with MSSPs and MDR providers! Learn more here.

INTEGRATIONS

Does SpyCloud offer integrations with other cybersecurity tools and platforms?

Yes, SpyCloud offers integrations with a variety of popular cybersecurity tools and platforms, including identity providers (IdPs), enterprise detection & response (EDRs), security orchestration, automation and response (SOAR) providers, security information and event management (SIEM) solutions, and traditional threat intelligence platforms (TIPs). These integrations help organizations streamline their security operations workflows and enhance their overall cybersecurity posture.<br

Examples of integrations include:

Does SpyCloud offer custom integration options?

Yes, SpyCloud offers custom integration options through SpyCloud Connect, a fully managed hosted automation service. This custom service offers tailored workflows that deliver SpyCloud’s identity intelligence into your existing tools — like SIEMs, SOARs, or IdPs. SpyCloud Connect handles all development and maintenance, with real-time updates as data evolves and is available for SpyCloud's Enterprise and Consumer Risk Protection solutions.

RISK AND COMPLIANCE

Is SpyCloud compliant with relevant data protection regulations?

Yes, SpyCloud is committed to compliance with data protection regulations such as GDPR, CCPA, and HIPAA. We prioritize the privacy and security of our customers' data and adhere to industry best practices. Visit our Trust Center to learn more.

How does SpyCloud protect sensitive information while monitoring the dark web?

SpyCloud follows strict security measures to protect sensitive information while monitoring the dark web, including encryption, access controls, and data anonymization techniques. We prioritize the privacy and security of our customers' data at all times.

Can SpyCloud help with compliance requirements such as PCI DSS and SOC 2?

Yes, SpyCloud's services can help organizations meet compliance requirements such as PCI DSS (Payment Card Industry Data Security Standard) and SOC 2 (System and Organization Controls 2) by providing proactive monitoring and protection against data breaches and account takeover attacks.

Does SpyCloud help me meet Zero Trust requirements?

Yes, SpyCloud provides continuous identity monitoring to inform your policy engine and your Zero Trust initiatives – powered by darknet telemetry with automated remediation for always-on Zero Trust authentication.

Does SpyCloud help me meet the NIS2 Directive requirements?

Yes, SpyCloud’s identity threat protection solutions help affected organizations in the EU meet the requirements of Paragraph 2, Article 21 of the NIS2 Directive.

How does SpyCloud align to the NIST Cybersecurity Framework?

SpyCloud's products, powered by recaptured data, bolster any organization’s ability to manage cyber risks proactively across all five functions of the NIST CSF. SpyCloud identifies the exposed assets most likely to be exploited by adversaries; protects the business from stolen credentials and malware-exfiltrated data with integrations into directory services and IdPs; detects identities exposed by infostealer malware infections and phishing attacks, with alerts integrated into SOC analysts' workflows; improves response with evidence of compromised cloud applications exposed by malware infections, including those on unmanaged and undermanaged devices; and enhances recovery with darknet data investigations to ensure all impacted systems have been addressed.

How does SpyCloud align to MITRE ATT&CK?

SpyCloud recaptures stolen data from the criminal underground and surfaces insights to customers so they can remediate exposures before criminals can leverage the data in cyberattacks. Whatever phase of the MITRE ATT&CK framework – be it pre-attack or latter attack stages – understanding the information that is already in the hands of criminals and mitigating those compromises can help your organization greatly reduce risk. Learn more about how stolen data fits into your MITRE mapping.

SPYCLOUD FAQS

Categories

PRODUCT

PRICING

INTEGRATIONS

RISK AND COMPLIANCE

Act on what criminals know about your business