The Axur platform enables monitoring of Data Leaks, CTI, Deep & Dark Web, Brand Protection, and Online Piracy, allowing your company to safeguard sensitive data while also gaining a comprehensive view of its external attack surface.
To do this, configure your assets and enable monitoring in the Asset Management menu.
The signing of the Takedown Authorization Document (TAD) is now available directly in Monitoring Settings > Takedown > Takedown Authorization.
How to Add a New Asset
To start monitoring, follow these simple steps to add a new asset:
Access the Asset Management menu and click the orange + Add Asset button in the upper-right corner.
You will be taken to a new screen where you can choose the type of asset you want to add.
The available options are:
Data Leakage
Domain: Your brand’s main web address along with its subdomains.
Third-party login page: Your brand’s assets on customer, supplier, or partner platforms.
BIN: Bank Identification Numbers to monitor credit card exposure.
Tracking Token: Monitor data leaks accurately through hidden tokens.
Application: An application identifier to monitor potential credential exposure.
Cyber Threat Intelligence
Domain: Your brand’s main web address along with its subdomains.
IPs & Ranges: IP addresses or network ranges from your infrastructure.
Brand Protection
To activate Brand Protection, it is necessary to create a brand with the following information:
Asset name
Brand name and variations
Website
Country
Language
Company logo
Monitoring options:
Phishing: Identification of fake login pages and fraud attempts focused on capturing credentials and passwords. Analysis of page structure and level of impersonation to detect threats.
Fake social media profile: Detection of fake profiles on social networks that impersonate the brand. Monitoring identifies brand abuse even when there are no keywords, logos, or direct references to the company, by understanding the visual context.
Fraudulent brand usage: Detection of brand abuse on fake websites and fraudulent ads. Using Clair technology, AI identifies scams that mimic your style by analyzing visual assets with unmatched accuracy.
Similar domain name: Daily monitoring of URLs and domains against a data lake with 40 million new websites to identify variations attempting to imitate the official domain.
Brand usage in paid search: Supervision of paid search channels to ensure the brand remains protected in digital ads, preventing third parties from diverting traffic or illegally using the brand name.
Fake mobile app: Continuous monitoring of App Stores to identify imitations and unauthorized applications that use the brand’s image to deceive users.
Malware: Identification of digital threats where the brand is used as bait to distribute malicious software (malware) through suspicious links and websites.
Other sensitive data: Detection of pages with a high level of impersonation designed to capture sensitive information, specifically identifying password fields and account verification requests.
Online Piracy
To activate Online Piracy, it is necessary to create a brand with the following information:
Asset name
Brand name and variations
Website
Country
Language
Company logo
Monitoring options:
Counterfeit or irregular sale: Monitoring and mitigation of ads selling counterfeit, stolen, illegal, or unauthorized products on websites, marketplaces, social networks, and online stores on the Surface Web.
Content piracy: Detection and remediation of the unauthorized distribution or sale of proprietary or copyrighted material, such as eBooks, educational content, and more, distributed on streaming sites, free content-sharing websites, or pirate streaming platforms.
Deep & Dark Web
To activate Deep & Dark Web, it is necessary to create a brand with the following information:
Asset name
Brand name and variations
Website
Country
Language
Company logo
Monitoring option:
Deep & Dark Web monitoring: Monitoring of key groups, forums, marketplaces, and darknet sites to anticipate attacks and uncover new schemes.
Click the desired option to continue with the specific configuration for that asset type.
Add one or more assets you want to create.
You can add multiple Assets at once, except for Brand Protection, Online Piracy, and Deep & Dark Web. To do so, separate them with a semicolon (;). For example:
ormus.com; myapp.com.br; anotherdomain.org. All domains, BINs, or IPs will be automatically added to your Safelist.In the Activate monitoring section, select the types of monitoring you want to enable.
Click the Save button.
Done! Your assets have been created and are now being monitored.
How to View Your Monitored Assets
On the main Asset Management screen, you will find a table with all the assets you have added, both enabled and disabled. This table is your central hub to view the status of your Credentials, Cards and CTI monitoring.
Search: Use the search bar to quickly find a specific asset. Simply type the asset name to filter the results.
Filter: Use the Filter dropdown menu in the upper-right corner of the table to organize your assets by:
Asset Type: Domain, Third-party login page, Application, etc.
Monitoring Status: Active, Inactive, or Pending.
Asset Details
The table displays important information about each asset:
Asset: The name of the asset, whether a domain, application, etc.
Asset Type: The type of registered asset.
Active Monitoring: The monitoring status for the asset.
Comparison: Asset types × Monitoring types
The table below shows which monitoring types are available for each asset of Data Leakage:
Asset type | Employee credential exposure | Customer credential exposure | Code secret exposure | Database exposure |
Domain | ✔ | ✔ | ✔ | – |
Third-party login page | ✔ | – | – | – |
App | – | ✔ | – | – |
Tracking token | – | – | – | ✔ |
Learn more about each monitoring type
Each asset type supports different monitoring options. Below is a quick overview of what you can enable for each one.
Domain
Employee credential exposure
Detects leaked employee emails and passwords on the internet, based on the monitoring domain.
Customer credential exposure
Detects leaked credentials of customers and users who access the monitoring domain, regardless of their email domain.
Code secret exposure
Detects leaked code secrets, such as API keys and access tokens, in public repositories associated with your organization's projects.
Third-party login page
Employee credential exposure
Detects leaked credentials of employees who access the monitoring third-party pages, regardless of their email domain.
Pending Status: the Pending status applies exclusively to Third-party Login Page assets.
It indicates that the system is validating whether the added host is indeed associated with your company.
This is a security measure to ensure that only legitimate assets representing your brand on third-party platforms are monitored.
Once validation is complete, the status will update to Active Monitoring.
Rejected Status: If a Third-party Login Page asset is marked as Rejected, it means that ownership validation was not approved.
The system could not confirm that the added host is related to your company, and therefore, monitoring will not be activated for that asset.
If you believe the asset was rejected by mistake, please contact [email protected] explaining your relationship with the registered asset.
App
Customer credential exposure
Detects leaked credentials of customers and users who access the monitoring app, regardless of their email domain.
Tracking token
Database exposure
Insert tokens disguised as real data into your databases and be alerted if they are found in any leak.
If you have any questions, feel free to reach out at [email protected] 😊