Sixgill's Platform

With great power
comes great visibility

Gain exclusive access to the world’s most powerful underground data lake: the widest and deepest collection of data sources available on the market today. Investigate with ease, accelerate time to intel and take the right action – fast.

  • Preemptive

  • Contextual

  • ACTIONABLE

  • SCALABLE

  • REAL-TIME

  • AUTOMATED

Designed for smart investigations and swift response: leverage a fully automated threat intelligence life cycle and ad-hoc investigation in real-time.

SaaS visualized investigation platform

Connect the dots.
Get the picture. Act now.

Understand how each item is related to tactics, techniques and procedures (TTPs) of specific threat actors, elevating tactical intelligence through real-time, automated context.

Quickly fill in the blanks and build the entire threat picture like never before. Deep dive into any escalation in real-time and understand the context. Research threat actor’s profile, MO and history. Review and analyze across languages, sites, timeframes, types of products, topics, entities, and more.

Real-time and ad-hoc access

Powered by the breadth and uniqueness of Sixgill’s automated data collection and analysis. Provides far deeper, more accurate threat intelligence, fewer false-positives, and more vital context to drive preemptive security responses.

Machine learning data enrichment process

A unique algorithm that correlates datasets with client assets, and prioritizes security actions based on real threats. Allows security teams to trigger the right playbooks and take action to block emerging threats.

Instant time
to value

Get pre-configured and automatically updated alerts and insights according to vertical and use cases with automatic mapping of your assets for triggering imminent threat alerts. Fully and automatically integrates into the enterprise ecosystem and security stack.

A new UI

Total visibility in a single
pane of glass

The single pane of glass dashboard design allows ongoing visibility into your digital systems, assets and data, at a glance, for thorough protection. Easy to use and operate, the UI includes Google-like search functionality to quickly drill down, investigate events and understand activities.

CISOs can use it to gain total visibility into their cybersecurity posture from a single pane of glass.

CROs can define and refine their risk assessments based on cyber resilience scores and actionable insights to improve posture and reduce risk exposure.

IT security, threat intel analysts and operations users can use the UI for deep investigation across a wide array of datasets.

Architecture and Integrations

Sixgill easily and seamlessly integrates with all major TIP, SIEM, SOAR and VM platforms. It is a cloud based, SaaS solution that layers on top of your enterprise core security stack to provide a total integrated solution.

SOAR and SIEM

Get enhanced alerts
in real-time

Endpoint Security

Get incidents and IOCs enriched with context

Vulnerability Management

Get dynamic CVE
prioritization

Data Aggregators

Get new incident alerting and IOCs

Common Use-Cases

Sixgill can be deployed in various scenarios. It features a centralized, multi-tenant and role-based architecture for direct use as well as MSSPs. Organizations from all sectors can use Sixgill to tackle a wide range of scenarios.

Continuous real-time detection of compromised credentials

Receive alerts of leaked credentials of employees. These credentials were either posted on the underground, or were part of a leaked DB that was shared or sold on the underground

Next-level Incident detection and response

Investigate a specific threat or incident across wide datasets from the deep, dark and surface web. Including but not limited to: enrich the investigation with context, attribute an incident to a specific threat actor, and more

Real-time Executive/VIP monitoring

Receive alerts if an executive is being targeted by a cyber or physical threat, including spear-phishing attacks, CEO scams, doxing, and more

Hyper-scale Vulnerability assessments

Investigate a specific vulnerability across wide datasets from the deep, dark and surface web. Including but not limited to: enrich the investigation with context, attribute a POC exploit code to a specific threat actor, and more

Meticulous fraud
analysis - fast and easy

Allow financial institutions to better implement a root-cause analysis of credit cards leaks and to take action to mitigate it via a breakdown of leaked credit cards by BINs, geography, issue, and more

Law enforcement terror investigations

Access dozens of terror-related forums and thousands of Telegram channels. Intuitively correlate between different datasets and create a coherent intelligence picture in real-time

Drugs and weapons
investigations

Access dozens of drug and weapon related markets as well as thousands of IM channels. Intuitively correlate between different datasets in order to create a coherent intelligence picture in real-time

Out-of-box readiness,
instant time to value

  • Pre-configured and automatically updated alerts and insights according to vertical and use case
  • Automatic mapping of your assets for triggering imminent threats alerts

Visually intuitive
and role support

  • Pre-configured, role-based analytics dashboard

Frictionless
operation

  • Quick and seamless onboarding
  • Fully and automatically integrated into the enterprise ecosystem and security stack