RiskIQ (a Microsoft company)
External attack surface and threat intelligence to protect your organization from cyber threats.
Daily Security Signals Analyzed
78 Trillion+
Founded
2009
Acquired by Microsoft
2021
About RiskIQ (a Microsoft company)
RiskIQ, acquired by Microsoft and integrated into Microsoft Defender Threat Intelligence, is a leading attack surface management platform. It continuously scans the internet to map known, unknown, and third-party assets, providing security teams with a complete inventory of their digital footprint. The platform offers detailed threat intelligence, including data on attacker infrastructure, malware, and phishing campaigns. This intelligence is used to enrich security alerts, accelerate incident response, and proactively hunt for threats. It integrates deeply with Microsoft's security ecosystem, including Microsoft Sentinel and Defender XDR, to provide context and visibility for security operations.
Core Capabilities
Attack Surface Discovery
Continuously discovers and inventories all internet-facing assets, including domains, hosts, and services.
Threat Intelligence
Provides access to raw and finished threat intelligence on threat actors, malware, and their infrastructure.
Threat Hunting
Enables proactive searching for threats and infrastructure connections across the internet.
Brand Protection
Detects phishing sites, domain infringement, and malicious mobile apps targeting your brand.
Integration Ecosystem
Microsoft Defender Xdr
Enriches incident data with external threat intelligence to provide a fuller picture of an attack.
Microsoft Sentinel
Integrates with SIEM to automate threat detection and response using RiskIQ's internet-wide intelligence.
Microsoft Security Copilot
Allows for natural language queries to investigate incidents using the platform's data.
Api Access
Provides API access via Microsoft Graph for integration with custom tools and security workflows.