The SpyCloud CDF for ThreatQ automatically ingests breach and compromised credential data, enabling analysts to quickly identify exposures affecting their organization’s assets. Powered by SpyCloud’s cybercrime analytics platform, which continuously monitors the dark web and other underground sources, this integration provides real-time intelligence to help prevent account takeovers, ransomware attacks, and related threats.

The integration provides the following feeds:

• SpyCloud Breaches - ingests new breach data from SpyCloud’s Breach Catalogue as Event objects.
• SpyCloud Compromised Credentials - ingests compromised account information based on specified monitored assets.

The integration ingests the following object types:

• Compromised Accounts
• Events
• Identities
• Indicators
• Malware