SILICON SLOPES, Utah, Sept. 6, 2017 /PRNewswire/ — HEROIC.com, provider of enterprise credential stuffing protection, today announced the release of EPIC, an enterprise-focused solution that empowers security professionals to discover, remediate and prevent credential stuffing, the unauthorized use of stolen login credentials in targeted attacks. With EPIC, organizations can now know where and when employee and customer logins are compromised online.
“EPIC gives organizations the ability to gather insights into potential vulnerabilities that they wouldn’t have noticed otherwise,” said Chad Bennett, HEROIC founder and CEO. “Unfortunately, hundreds of businesses fall victim to cyber attacks every day. Credential stuffing is one of the most frequent methods of attack and one of the least protected in today’s cybersecurity landscape. EPIC aims to fix that.”
Powered by HEROIC’s DarkHive™, the world’s largest database of compromised credentials, EPIC allows organizations to scan and monitor domains, IP addresses and custom email lists against 5 billion records spanning thousands of corporate hacks leaked onto the dark web. EPIC also gives organizations real-time alerts as machine learning uncovers credential correlations between leaked databases and as HEROIC dark web analysts add validated data into the DarkHive™.
Additionally, EPIC helps organizations satisfy the latest password requirements found in the 2017 NIST Special Publication 800-63B, Authentication and Lifecycle Management. The new guidelines require that organizations utilize a legitimate database of compromised credentials to stop the usage of dictionary words, previous breach passwords and repetitive characters within new passwords.
“HEROIC EPIC gives security professionals another layer in their cybersecurity arsenal without requiring additional resources,” explained Brian McFadyen, Vice President of Sales. “We’re changing the game and helping security teams better protect their organizations against credential stuffing attacks.”
According to Verizon’s 2017 Data Breach Investigations Report, 81% of surveyed organizations reported hacker-related breaches by an unauthorized party leveraging either stolen or weak passwords. The number of credential misuse incidents is up 19% from Verizon’s 2016 report – making credential stuffing the most common attack technique. With over three billion records being leaked to the dark web last year, credential stuffing has quickly outgrown other attack methods and become a top priority for cybersecurity professionals to defend.
EPIC Product Features Include:
- Robust API Integration – HEROIC’s easy-to-use API allows organizations to integrate EPIC into any existing software solution.
- Real-time Notifications – Security professionals can receive email or SMS breach notifications while monitoring login credentials and data in EPIC.
- Actionable Analytics – Organizations can know when and where employees and customers are compromised and how to remediate the issue.
- Automated Protection – As new data is entered into HEROIC’s DarkHive™, account domains, IP addresses and custom email lists will automatically be scanned.
- Custom Roles & Permissions – EPIC allows organizations to create custom roles and permissions for departments to scan and monitor specific data sets
HEROIC.com provides companies and individuals with a solution for their biggest risk; stolen login credentials and sensitive data. HEROIC has created the world’s largest public hack database, comprised of over 5 billion individual records from over 3,000 data breaches. HEROIC alerts and notifies individuals when their private information including email addresses, usernames and passwords become compromised online.