PROACTIVE SECURITY TEAMS
ALWAYS VERIFY

Execute and contextualize initial breach activity in your environment to verify your detection and sandbox capabilities are working as expected 24/7.

RECON MODE FEATURES

Instantly identify detection gaps with Recon Mode. An intuitive feature that continually executes complex recon activities from any authorized breach point in your environment.

Recon Mode - Continually Discover New Attack Vectors
Attribute threat intelligence and OSINT to your organization, users, systems, and networks. Intelligence data includes data leaks, source code leaks, API key leaks, credential leaks, email leaks, forum chatter, social media chatter, exposed S3 buckets, weak credential policy enforcement on public facing applications, exposed services, and DNS.
From daily browser activity to application usage events, Blackbot collects essential meta data from user behavior to form and identify high-value user targets.
Discover local and remote services, scheduled jobs, patch updates, DLLs and extract application metadata essential to profiling potential potential targets and weak systems on the network.
Passively collect network metadata to evaluate and profile network activity on the network.
Continuously identify and profile security control capabilities in every layer of the OSI model.
Core metadata produced from situational awareness techniques is used to prioritize reconnaissance techniques required to identify new attack vectors.
Core metadata produced from situational awareness techniques is used to prioritize discovery techniques required to identify new attack vectors.
Attack vectors are discovered and notable evidence is extracted to create attack chain formations that guarantee zero false positive success rate 24/7,365.

FOCUS ON WHAT MATTERS RIGHT NOW

We’ll help you eliminate the risk introduced by initial breach activity so you can focus on what matters most.

CHECKOUT ATTACK MODE