Cyber Exposure Platform

Designed for Law Enforcement and Security Service Providers, the CIH platform enables cyber security professionals and investigators to discover and explore Dark and Deep web activity in a productive and efficient way.

The platform provides users a single point of access to a vast archive of evidence from restricted sources such as Dark Web Markets, Leak Platforms and Discussion Forums that keeps on growing in real time and dating back multiple years.

With CIH platform the users will be able to search, detect, analyze, respond to, report on, and prevent cybersecurity incidents that were previously impossible to find.

Exposed information

What has been leaked outside of an organization

Monitoring helps organizations discover their exposed information and enables them to respond to emerging cyber exposure threats.
CIH’s dynamic crawler data acquisition system continuously searches the dark web, deep web and other data breaches to provide real-time notifications as well as historical presentation of leaked information.
Dashboards enable rapid comprehension of risks, while providing specific views for different users and use cases; risk officers, auditors, analysts etc.
Data is accessed through dashboards, alerts to email and APIs. Our stand-alone solution integrates with SIEM, SOAR and SOCs.

Exposed systems

Asset discovery starts with entering known information such as domain names, IP address etc. The tool automatically suggests assets that may belong to the same organisation. This provides an ‘attacker’s view’ of an organisation.
Asset map visualises the security posture of internet facing assets. By creating custom groupings, you can organize assets based on your business structure.

Continuous Testing

Automation is unique to Cyber Intelligence House. Start vulnerability scans with one click and zero configuration based on the assets that you have discovered. Continuous testing saves time and enriches the analysis of discovered assets and their exposure.

Infrastructure testing
Compilation of open source tools, scripts and commercial scanners for detecting operating system and service level vulnerabilities.

Application testing
Set of specific tools for testing weaknesses such as input and output validation, injections and OWASP top 10.


Investigation module allows investigators and law enforcement to conduct investigations, searching and monitoring actors, events, transactions and other content in the darkweb and deepweb.
The platform speeds up investigations by allowing investigators to access all content without navigating through complex networks and installation of various softwares.


Compare cyber exposure and results to a peer group based on location, industry or size.
Understand and visualize trends from the same peer groups to create industry or region specific analysis.
Assess up to 300 organizations at once to create your own benchmark for examples based on your client base.

Balances both machine learning AND human analysts

Validates threats against a standardized information model

Delivers only intelligence on customer-specific threats

Connects threat information directly to business operations

Uses non-technical language to explain cyber risk

Helps identify how best to direct cyber-related resources

Provides threat mitigation recommendations

Runs the data acquisition, doesn't rely on open source feeds

Provides insight into active threats via the Dark Web, Deep web, data breaches

Creates a tailored risk profile

Alerts you only about relevant threats

Provides specific mitigation recommendations

An immediate intelligence operations and results without additional staff

Integrates with existing cybersecurity environment

Integration - API that connects to EDR, SIEM and SOAR

Provides view on key metrics such as Mean-time-to-identify and mean- time-to-repair

Continuous infrastructure testing with zero configuration

Continuous application level testing

Continuous penetration testing & red- teaming

Key person risk monitoring

Access raw data

Access darkweb, deepweb and data breach records without the need to install any software or expose yourself to darkweb.
Our user friendly user interface doesn’t require prior training and provides easy to understand and digest findings.

Machine learning based categorization and meta data tagging provides valuable insights without the need to look at the data and when you want to dive deeper full records are available.

Project workflow

Start by creating individual assessments for projects or customers.
Assessment view helps you to keep your clients’ data separated and allows re-assessing periodically.
Assessments stay live for 7 days and you can retrieve reports and data afterwards.

You can also subscribe for continuous monitoring for your clients separately and you can even allow your clients to log in to the dashboard.

Lead scanner

Lead scanner allows you to assess up to 300 organizations at once.
Pre-screen or conduct due diligence of potential customers.
Screen your entire client base to identify customers who are at high risk and need risk mitigation urgently.
Prioritize your sales resources by focusing on organizations with urgent needs.
Create industry or region specific insights for your clients.
Create your own benchmark based on your client profiles.

Analysis & Graphs

Our user friendly user interface provides time series, trends, distribution and other types of graphs that you can embed in your reports.
All findings are categorized by machine learning algorithms and information is presented both in high level and detailed view of individual findings. Discovered assets are presented both in list view and beautiful asset map.
You can quickly filter and customize the results that you want to present saving time for other more valuable activities.

Reports & Export data

What you see is what you get.
You can export any findings in different formats such as CSV, PDF and PPT to mention few. Real time findings can be delivered through email, dashboard or API integrations.
Our platform supports exporting data to SIEM & SOAR and are used by managed detection and response teams as well as security operations centers.

Send check result to email