Monitoring Catalog (Overview)

Digital Risk Protection (DRP) refers to the continuous monitoring of external digital environments to detect threats that could harm a company’s reputation, executives, brand, or exposed assets. It operates across the open web, deep/dark web, messaging platforms, forums, social media, and app stores seeking signs of impersonation, data leaks, credential exposures, fraud attempts, and other forms of digital risk. Unlike reactive tools that only alert once a breach is underway, DRP is designed to act upstream, flagging risks before they escalate, by identifying early signals in unstructured content such as posts, media files, domains, and digital certificates.

The Inopli DRP module applies this principle in a fully automated and scalable manner. It collects and analyzes content from dozens of external sources and transforms it into actionable findings tied to monitored entities like brands, VIPs, and sensitive strings. Through techniques like language detection, entity recognition, similarity analysis, metadata extraction, OCR, and transcription, it enriches each signal with relevant context to support prioritization. Findings are classified by severity and type, enabling security teams to focus on what matters most, before damage occurs.

What DRP Monitors

  • Public semi-open and private messengers and chat networks, including Discord, Telegram and IRC. Coverage includes text, links, and shared media (documents, images, audio). Findings are correlated to monitored companies, VIPs, and sensitive strings.

  • Monitors relevant resources, crawling pages and scanning internal content (text and media). It applies the same enrichment used elsewhere—OCR for images, archive inspection, metadata analysis, and transcription—to surface findings tied to brands, VIPs, and sensitive strings.

  • Domain and certificate monitoring via Certificate Transparency (CT) logs to surface new certificates and domain look-alikesand inspects surface content for phishing and leaked or sensitive data, similarity, typosquatting, and bitsquatting analyses highlight impersonation risks.

Core Detection Themes

  • Mentions of monitored companies and VIPs across sources, with structured findings that include evidence and context.

Sensitive strings and secrets

  • Detection of emails, phone numbers, IPs, payment data patterns, and other sensitive strings; context is used to prioritize alerts.

  • Purpose-built detection for credential leaks (e.g., user:password pairs), with noise reduction and correlation to monitored entities.

Threat indicators

  • Identification of phishing and malware indicators, suspicious commands, and attack patterns in messages, with severity-based prioritization.

  • URL extraction and parsing (including t.me variations), plus domain/channel derivation to enrich context.

Media intelligence

  • OCR on images to extract text for correlation.

  • Archive inspection (ZIP/RAR/7z/tar.gz) with recursive extraction and text analysis.

  • EXIF/metadata analysis (e.g., GPS, capture time, device) to add geospatial/temporal context.

  • Audio transcription with multilingual support; transcripts are analyzed like text.

Language & entity understanding

  • Automatic language detection across text, OCR, and transcripts.

  • Multilingual Named Entity Recognition (people, organizations, locations, dates, monetary values, etc.) to enrich findings.

Last updated