Notes from the exposure management trenches.
Engineering deep-dives, threat research, product thinking, and the occasional opinion. Written by the people actually doing the work. Looking for whitepapers, guides, and case studies? Browse the full resources library.
The attack surface you don't know you own
Most organizations run with an asset inventory that's somewhere between 30% and 60% of their actual attack surface. Here's why, and what to do about it.
Read the postWhy we index the internet ourselves
A look under the hood at why Deepinfo runs its own internet-scale data pipeline instead of renting it. The coverage, freshness, and history tradeoffs that made the decision obvious.
Read the postCTEM is not a product category, it's an operating model
Continuous Threat Exposure Management is the label Gartner gave a set of practices security teams were already trying to stitch together. Here's what actually matters in the implementation.
Read the postDark web monitoring: what it actually catches, and what it misses
Honest take on the limits of dark web monitoring, where it's genuinely useful, and why the marketing pitch doesn't match the operational reality.
Read the postThe vendor risk questionnaire is broken. Here's what replaces it.
Annual questionnaires give you a snapshot that's wrong the day after it's filed. External monitoring gives you a continuous picture. A practical framework for making the switch.
Read the postDetecting typosquats at scale without drowning in false positives
A walk-through of the techniques we use to generate typosquat permutations, score them, and filter down to real impersonation attempts. With code.
Read the postNew posts, in your inbox.
Low-volume. No marketing copy. Just the posts, when they ship.
Get a feel for how we think and write.
Run Deepinfo against your domain to see what these patterns look like in your environment, or talk to us about the platform.