Sign in Get a demo

A unified score for external threat exposure.

External threat exposure is the sum of many signals: leaked credentials, infostealer dumps, dark web mentions, threat actor targeting, and brand impersonation infrastructure. The Cyber Threat Score combines these into a single number per organization, calibrated to real-world threat activity rather than theoretical severity, so risk teams can prioritize across the full external picture.

Request a demo Get a free threat exposure report
WHAT THIS DOES

One number that reflects the full external threat picture.

The Cyber Threat Score combines signals from every CTI sub-feature into a unified scale. Breach exposure, infostealer device data, dark web mentions, executive threat indicators, threat actor targeting, and brand impersonation infrastructure all feed the same continuously-updated number.

Calibration is real-world, not theoretical. The same philosophy that powers EPSS exploit-prediction and CISA KEV active-exploitation flags in vulnerability scoring applies here: signals are weighted by actual threat activity, not worst-case severity. A credential active in a current infostealer log weighs more than a credential in a years-old breach dump.

Historical scoring tracks improvement and degradation over time. The trend matters as much as the snapshot. Risk teams use the trajectory for board-level reporting and to measure whether security-program investments are landing.

HOW IT WORKS

Three input layers, one continuous score.

Multi-signal aggregation across the full CTI module. Real-world calibration weighting active threat activity over theoretical severity. Historical tracking that shows the trend, not just the snapshot.

Multi-signal aggregation.

Pulls signal across all CTI sub-features: breach exposure, infostealer device data, dark web mentions, executive threat indicators, threat actor targeting, and brand-impersonation infrastructure. One score reflects the full external picture.

Real-world calibration.

Signals weighted by actual exploitation activity, not theoretical worst-case. A leaked credential surfacing in an active infostealer log weighs more than a 3-year-old credential in a stale dump. The philosophy mirrors EPSS + CISA KEV applied to CTI signals.

Historical tracking.

Score timeline per organization shows improvement or degradation over time. Risk teams use the trend, not just the snapshot, for board-level reporting and program effectiveness measurement.

WHAT IT SURFACES

Where the Cyber Threat Score shows up in your workflow.

Current Cyber Threat Score

Live score for your organization on the unified scale, refreshed continuously as new signals arrive.

Score breakdown by signal category

Per-category contribution to the score: breach exposure, infostealer activity, dark web mentions, threat actor targeting, brand impersonation. See where the score is coming from.

Historical score timeline

Score trajectory over weeks and months with trend indicators. Board-level reporting uses the trend; analyst review uses the snapshot.

Sector peer comparison

Comparison to sector peers where data permits. Useful for procurement-stage benchmarking and board context on relative posture.

Score-driving incidents flagged

Specific incidents currently driving the score, with explanatory context. Click through to the underlying CTI sub-feature for the detection detail.

Score-improvement recommendations

Recommendations tied to specific findings, ranked by score-impact. Acting on a high-impact item moves the score measurably.

PART OF CTI

The Cyber Threat Score is the roll-up over CTI.

Every CTI sub-feature feeds the score. Threat Actor Intelligence supplies actor-targeting signal. Data Breach Index supplies credential-exposure signal. Dark Web Search supplies mention signal. The score is what those signals add up to as a unified posture indicator.

CTI · THREAT ACTOR INTELLIGENCE

Threat Actor Intelligence

Learn more CTI · DATA BREACH INDEX

Data Breach Index

Learn more CTI · DARK WEB SEARCH

Dark Web Search

Learn more
← Back to CTI

“Boards want one number. Operations teams want the layers underneath. The Cyber Threat Score gives us both: a single trended score for executive briefings and the contributing signals for the people working the queue.”

— Director of Security Strategy, Energy Utility
CONTINUE EXPLORING

Explore the full platform.

EASM · EXTERNAL ATTACK SURFACE MANAGEMENT

See your entire attack surface. Act on what matters.

Continuous discovery and monitoring of every internet-facing asset, including subsidiaries and acquired companies.

See module CTI · CYBER THREAT INTELLIGENCE

See what’s exposed. Act before it’s exploited.

Dark-web monitoring, breach corpora, infostealer logs, and threat-actor activity tied to your organization.

See module BRP · BRAND RISK PROTECTION

Keep an eye on the internet. Protect your brand.

Lookalike domains, fake apps, fraudulent listings, and brand abuse caught in hours, not weeks.

See module TPRM · THIRD-PARTY RISK MANAGEMENT

Every third party carries risk. See all of it.

Continuous external monitoring of every approved vendor with the same depth as your own surface.

See module DSI · DEEP SEARCH AND INSIGHTS

Explore the entire internet. See every layer.

400M domains, 2B subdomains, 200B DNS records, 30B SSL certificates. All queryable directly.

See module
SEE YOUR SCORE

Get your Cyber Threat Score against your domain.

The free threat exposure report includes your current Cyber Threat Score plus a breakdown of what's driving it.

Request a demo