Netcraft

Dark Web Market Searches

Fraudsters commonly make use of Tor hidden services and the marketplaces available on them to sell credentials stolen from customers and employees, leaked internal documents, forged identity documents, or payment card data.

Netcraft explores these marketplaces, providing intelligence on the illicit materials being sold by fraudsters relating to your brand.

Features

  • Regular searches for your brands on dark web marketplaces
  • Valuable intelligence and early warning of criminal activity
  • Screenshots and text extracts from listings including prices and sellers
  • Identification of new marketplaces following law seizures and exit scams
  • Detect possible data security breaches

Benefits

  • View the data being made available on dark web marketplaces

Pricing

£18000 per instance

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

4 1 6 3 8 1 8 4 8 7 3 6 1 8 3

Contact

Netcraft

Andy Ide

01225 447500

asi@netcraft.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
All modern web browsers supported.
System requirements
Web Browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
24 hours, 7 days a week
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support is provided by electronic mail and telephone.
Support available to third parties
No

Onboarding and offboarding

Getting started
We provide online documentation, and also can provide a Webex (or similar) demonstration of the portal to answer any questions.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
Via the API, or we can provide a data extract on request.
End-of-contract process
N/A

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
Description of service interface
Website provides the results from the searches for your brand, together with text extracts and screenshots of the marketplace listings.
Accessibility standards
None or don’t know
Description of accessibility
N/A
Accessibility testing
N/A
API
Yes
What users can and can't do using the API
Extract the search results
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
We scale our applications to account for load placed by all customers.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
Less than once a year
Penetration testing approach
In-house
Protecting data at rest
Other
Other data at rest protection approach
We physically secure access to our data centre and backup media.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Via the API, or we can provide a data extract on request.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON via API
  • TSV
Data import formats
Other
Other data import formats
N/A

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
If the Service is unavailable continuously for 3 (three) days or unavailable for an aggregate of 120 (one hundred and twenty) hours within the Subscription Period the customer may terminate the Service and receive a pro-rata refund for the unused period.
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
User Account Authentication, Multi Factor Authentication, IP ACLs
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Risk based approach.
Information security policies and processes
Defined in our internal Policies and Procedures document

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We have an internal change management process
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Netcraft is a PCI approved scanning provider, and tests its own infrastructure. Patches are applied as appropriate.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Netcraft has a Security Incident Detection and Remediation programme.
Incident management type
Supplier-defined controls
Incident management approach
We have an internal policy for handing incidents.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£18000 per instance
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
We can offer a trial

Service documents

Return to top ↑