Sixgill's Platform

Get the answers you need to eliminate Threats - Fast

Gain exclusive access to closed underground sources with the most comprehensive, automated collection from the deep and dark web. The Investigative Portal delivers the threat intel security teams need: real-time context and actionable alerts along with the ability to conduct covert investigations. Accelerate time to intel and take the right action.

Elevating tactical intelligence through real-time, automated context.

Connect The Dots.
Get The Full Picture.

Understand how each item is related to tactics, techniques and procedures (TTPs) of specific threat actors. Detect interactions between threat actors in real-time, earlier on the cyber killchain. 

Quickly fill in the blanks and build the entire threat picture like never before. Deep dive into any escalation in real-time and understand the context. Research threat actors’ profile, motive and history. Review and analyze across languages, sites, timeframes, types of products, topics, entities, and more.

Real-time access

Powered by the most extensive, automated data collection from the deep and dark web.

Autonomous Data Collection/Analysis

A sophisticated algorithm that correlates datasets with client assets, and prioritizes security actions based on real threats. Allows security teams to trigger the right playbooks and take action to block emerging threats.

Reach Relevant Intelligence - Fast!

Gain insights specific to your industry and your company: Automatic mapping of organizational assets and use-cases in order to trigger imminent threat alerts.

Agile Vulnerability Management

Prioritize better with The Score That Tells You More

Cybersixgill’s Dynamic Vulnerability Exploit (DVE) Score predicts the probability of a vulnerability being exploited, derived from automated AI analysis of underground chatter. Enriched with real-time context, it also contains actionable insights and dynamic attributes to ensure clear visibility into the score. You can further investigate vulnerabilities to learn more about CVE popularity, potential exploits, as well as relevant actors in order to better prioritize remediation. 

Real-Time Performance

Know an exploit is published or a vulnerability is discussed before threat actors even think of using it

Predict Exploit Probability

Track threats from CVEs that have a higher probability of being exploited by active threat actors in the cyber underground

Comprehensive Quality Collection

Omni-channel collection sourced from the largest collection of threat intelligence

Take the Right Action

Leverage insights that allow proactive remediation and prevention

A new UI

Total visibility into your threat landscape

The dashboard design allows ongoing visibility into your digital systems, assets and data – at a glance. Easy to use and operate, the UI includes a smart search functionality to quickly drill down, investigate events, and understand underground activity as well as how it relates to your organization. 

CISOs can use it to gain total visibility into their cybersecurity posture from a single pane of glass.

CROs can define and refine their risk assessments based on cyber resilience scores and actionable insights to improve posture and reduce risk exposure.

IT security, threat intel analysts and operations users can use the UI for deep investigation across a wide array of datasets.

Architecture and Integrations

Cybersixgill seamlessly integrates with all major TIP, SIEM, SOAR and VM platforms. It is a cloud based, SaaS solution that layers on top of your enterprise core security stack to provide a total integrated solution.


Get enhanced alerts
in real-time

Endpoint Security

Get incidents and IOCs enriched with context

Vulnerability Management

Get dynamic CVE

Data Aggregators

Get new incident alerting and IOCs

Common Use-Cases

Cybersixgill can be deployed in various scenarios. It features a centralized, multi-tenant and role-based architecture for direct use as well as MSSPs. Organizations from all sectors can use Cybersixgill to tackle a wide range of scenarios.

Continuous real-time detection of compromised credentials

Receive alerts of leaked or compromised employee credentials which have surfaced on the deep or dark web, either directly posted on the underground, or part of a leaked DB that was shared or sold on the underground

Next-level Incident detection and response

Investigate a specific threat or incident across wide datasets from the deep, dark and surface web. Including but not limited to: enrich the investigation with context, attribute an incident to a specific threat actor, and more

Real-time Executive/VIP monitoring

Receive alerts if an executive is being targeted by a cyber or physical threat, including spear-phishing attacks, CEO scams, doxing, and more

Hyper-scale Vulnerability assessments

Investigate a specific vulnerability across wide datasets from the deep, dark and surface web. Including but not limited to: enrich the investigation with context, attribute a POC exploit code to a specific threat actor, and more

Meticulous fraud
analysis - fast and easy

Allow financial institutions to better implement a root-cause analysis of credit cards leaks and to take action to mitigate it via a breakdown of leaked credit cards by BINs, geography, issue, and more

Law enforcement terror investigations

Access dozens of terror-related forums and thousands of Telegram channels. Intuitively correlate between different datasets and create a coherent intelligence picture in real-time

Drugs and weapons

Access dozens of drug and weapon related markets as well as thousands of IM channels. Intuitively correlate between different datasets in order to create a coherent intelligence picture in real-time

Out-of-box readiness,
instant time to value

  • Pre-configured and automatically updated alerts and insights according to industry and use case
  • Automatic mapping of your assets, for triggering imminent threats alerts

Visually intuitive
and role support

  • Pre-configured, role-based analytics dashboard


  • Quick and seamless onboarding
  • Fully and automatically integrated into the enterprise ecosystem and security stack
Live chatNew chat feature! Learn more