Dark Web Monitor Results
The Dark Web Monitor Results page provides comprehensive insights into potential data breaches and exposures across dark web sources. The new interface offers enhanced visualization and categorization of findings to help security teams quickly identify and respond to threats.
Written by Noah Garland
Updated at March 20th, 2025
- User Manual
- Agents
- The Cyber Risk Assessment Process
- API Documents
- General Questions and Troubleshooting
- The Cyber Risk Assessment Process (Video Tutorials)
- Sales and Prospecting Articles
- CYRISMA Partner Portal Access
- Glossary
- CYRISMA Change Log
- Support Ticket SLA
- Onboarding Framework
- PSA Integrations
- Billing Questions
- Self Onboarding Guide
Table of Contents
Dashboard Overview
The Dark Web Monitor Results dashboard presents threat information in an organized, visual format with two main categories:
Breach Type
- Displays the total number of breach incidents detected
- Provides a quick overview of the breach severity
Forums/Marketplaces
- Shows mentions of your monitored assets in dark web forums and marketplaces
Breach Data Analysis
Total Number of Breaches
- Displays the cumulative number of breaches detected
- Serves as a key metric for overall dark web exposure
Highest Category & Most Dangerous
- Indicates the most prevalent type of breach affecting your organization
- "Most Dangerous" highlights critical exposures requiring immediate attention
Data Visualization
Breach Type Distribution
- Interactive donut chart showing the proportion of different breach types
- Color-coded legend identifying:
- Username (gray)
- Password (blue)
- Name (light blue)
- Phone (purple)
- Location (pink)
- IP Address (light blue)
Breaches by Category
- Bar graph visualization showing the volume of breaches by type
- Other categories shown: Name, Location, Username, Phone, and IP Address
- Provides visual indication of where security efforts should be focused
Detailed Breach Results
The "Breach Result - All" section provides a detailed breakdown of all detected breaches:
Table Components
- Victim Account: Lists affected email addresses from your domain
- Number of Findings: Quantifies how many times each account appeared in breaches
- Last Seen: Timestamp of when the breach data was most recently observed
Taking Action
The Report Builder button in the top-right corner allows security teams to:
- Generate comprehensive reports about dark web exposures
- Document incidents for compliance and management review
- Track remediation efforts over time
Using the Dashboard Effectively
- Prioritize by volume: Address password breaches first as they represent the highest volume
- Focus on accounts with multiple findings: Accounts appearing multiple times may indicate targeted attacks
- Review recent findings: Check the "Last Seen" dates to identify ongoing or recent exposures
- Implement targeted controls: Use category information to enhance specific security controls (password policies, MFA, etc.)
- Generate reports: Use the Report Builder to document findings and remediation plans
The Dark Web Monitor Results dashboard provides security teams with actionable intelligence to identify, prioritize, and remediate potential data exposures before they can be exploited.