Sixgill's Platform

With great power
comes great visibility

Gain exclusive access to the world’s most powerful underground data lake: the widest and deepest collection of data sources available on the market today. Investigate with ease, accelerate time to intel and take the right action – fast.

  • Preemptive

  • Contextual





Designed for smart investigations and swift response: leverage a fully automated threat intelligence life cycle and ad-hoc investigation in real-time.

SaaS visualized investigative Portal

Connect the dots.
Get the picture. Act now.

Understand how each item is related to tactics, techniques and procedures (TTPs) of specific threat actors, elevating tactical intelligence through real-time, automated context.

Quickly fill in the blanks and build the entire threat picture like never before. Deep dive into any escalation in real-time and understand the context. Research threat actor’s profile, MO and history. Review and analyze across languages, sites, timeframes, types of products, topics, entities, and more.

Real-time and ad-hoc access

Powered by the breadth and uniqueness of Cybersixgill’s automated data collection and analysis. Provides far deeper, more accurate threat intelligence, fewer false-positives, and more vital context to drive preemptive security responses.

Machine learning data enrichment process

A unique algorithm that correlates datasets with client assets, and prioritizes security actions based on real threats. Allows security teams to trigger the right playbooks and take action to block emerging threats.

Instant time
to value

Get pre-configured and automatically updated alerts and insights according to vertical and use cases with automatic mapping of your assets for triggering imminent threat alerts. Fully and automatically integrates into the enterprise ecosystem and security stack.

Agile Vulnerability Management

The Score That Tells You More

The Cybersixgill Dynamic Vulnerability Exploit (DVE) Score is based on the probability of a vulnerability being exploited, through proven machine learning algorithms. It also contains actionable information and explanation for clear visibility into the score. Cybersixgill Portal users can further investigate to learn more about CVE popularity, potential exploits, relevant actors and more.

Real-Time Performance

Know an exploit is published or a vulnerability is discussed before threat actors even think of using it

Predict Exploit Probability

Track threats from CVEs that have a higher probability of being exploited by active threat actors in the cyber underground

Comprehensive Quality Collection

Omni-channel collection sourced from the largest collection of threat intelligence related to vulnerabilities

Take the Right Action

Leverage insights that allow proactive remediation and prevention

A new UI

Total visibility in a single
pane of glass

The single pane of glass dashboard design allows ongoing visibility into your digital systems, assets and data, at a glance, for thorough protection. Easy to use and operate, the UI includes Google-like search functionality to quickly drill down, investigate events and understand activities.

CISOs can use it to gain total visibility into their cybersecurity posture from a single pane of glass.

CROs can define and refine their risk assessments based on cyber resilience scores and actionable insights to improve posture and reduce risk exposure.

IT security, threat intel analysts and operations users can use the UI for deep investigation across a wide array of datasets.

Better prioritize with

Dynamic Vulnerability Exploit Score

Add to the Investigative Portal the ability to track CVEs that others define as irrelevant, but have a greater chance to be exploited. Only Cybersixgill’s DVE Score provides full context and predicts the immediate risks of CVEs based on threat actors’ intent.

Architecture and Integrations

Cybersixgill easily and seamlessly integrates with all major TIP, SIEM, SOAR and VM platforms. It is a cloud based, SaaS solution that layers on top of your enterprise core security stack to provide a total integrated solution.


Get enhanced alerts
in real-time

Endpoint Security

Get incidents and IOCs enriched with context

Vulnerability Management

Get dynamic CVE

Data Aggregators

Get new incident alerting and IOCs

Common Use-Cases

Cybersixgill can be deployed in various scenarios. It features a centralized, multi-tenant and role-based architecture for direct use as well as MSSPs. Organizations from all sectors can use Cybersixgill to tackle a wide range of scenarios.

Continuous real-time detection of compromised credentials

Receive alerts of leaked credentials of employees. These credentials were either posted on the underground, or were part of a leaked DB that was shared or sold on the underground

Next-level Incident detection and response

Investigate a specific threat or incident across wide datasets from the deep, dark and surface web. Including but not limited to: enrich the investigation with context, attribute an incident to a specific threat actor, and more

Real-time Executive/VIP monitoring

Receive alerts if an executive is being targeted by a cyber or physical threat, including spear-phishing attacks, CEO scams, doxing, and more

Hyper-scale Vulnerability assessments

Investigate a specific vulnerability across wide datasets from the deep, dark and surface web. Including but not limited to: enrich the investigation with context, attribute a POC exploit code to a specific threat actor, and more

Meticulous fraud
analysis - fast and easy

Allow financial institutions to better implement a root-cause analysis of credit cards leaks and to take action to mitigate it via a breakdown of leaked credit cards by BINs, geography, issue, and more

Law enforcement terror investigations

Access dozens of terror-related forums and thousands of Telegram channels. Intuitively correlate between different datasets and create a coherent intelligence picture in real-time

Drugs and weapons

Access dozens of drug and weapon related markets as well as thousands of IM channels. Intuitively correlate between different datasets in order to create a coherent intelligence picture in real-time

Out-of-box readiness,
instant time to value

  • Pre-configured and automatically updated alerts and insights according to vertical and use case
  • Automatic mapping of your assets for triggering imminent threats alerts

Visually intuitive
and role support

  • Pre-configured, role-based analytics dashboard


  • Quick and seamless onboarding
  • Fully and automatically integrated into the enterprise ecosystem and security stack