HowTo: Dark Web Workflow

 What to Do When You Have Dark Web Exposures:

Here’s a high level overview of the steps you may follow to review dark web exposures.

To check the exposures on the Power Platform:

1. Select the customer in which you want to check the exposures for.
2. Click on the “Exposed” box right from the main Dashboard view.

To check the exposures on the Autopilot Platform:

1. Select the customer in which you want to check the exposures for.
2. Click on Users.
3. Click on Exposed Users.

Overall recommendations:

1. Check the date of the exposures, sometimes those are very old and were already taken care of by the user, when in doubt, notify them.
2. Notify the users, informing them to change their passwords and enable 2FA/MFA on the affected accounts.
3. Here’s a sample of text to send to impacted users when using the notify feature within CyberHoot’s Power Platform:“Your accounts have been discovered on the dark web, if you still use these online accounts that have been exposed, it’s recommended that you change their passwords as well as the passwords for any other accounts that share the same password. Don’t forget to enable 2FA/MFA to further enhance their security”

    

4. Acknowledge the exposure on the console.