Credentials Browser
The Credentials Browser in Flare is a powerful tool that offers users an intuitive interface for searching, tracking, and managing leaked credentials. It enables security teams to quickly identify compromised credentials across various sources, helping organizations proactively protect their accounts and digital assets. With advanced filtering, search capabilities, and export options, the Credentials Browser streamlines the process of investigating credential leaks, prioritizing risks, and responding to potential security threats.
Agile and Intuitive Credential Investigations
- Efficient Search: Effortlessly navigate through Flare's comprehensive database of leaked credentials.
- Precision Filtering: Refine searches based on domain, reverse domain, email, username, and password for targeted investigation.
- Easy Tagging: Quickly mark results as remediated or ignored for streamlined management.
- Export Capability: Conveniently export discovered credentials for reporting or integration with other security systems.
To begin, visit the Credentials Browser page, whether you're able to use the search bar to look up potential matches in Flare's Leaked Credentials Database. With different filtering options you're able to look for matching leaks by Domain, Email, Password, and more.
The Tenant Feed view is designed to provide you with a centralized view of all the leaks credentials that matched your identifiers. This view aggregates all the leaked credentials for your tenant or individual identifier feeds.
🚧 Note: We are actively working on adding search and filtering options to the Tenant Feed View.
🔍 In the meantime, if you have access to the Global Search View, you can use that to search for the same data across all your tenants and apply filters to refine your results. The Global Search View supports filtering by password complexity, source, and other key attributes, helping you quickly locate high-priority credentials.
The Global Search View is a powerful tool that enables you to search for public leaked credentials within Flare's extensive Leaks Database. Unlike the Tenant Feed View, which is scoped specifically to your tenants, the Global Search View provides a broader perspective, allowing you to search across all available credentials in Flare’s database.
Flare's database contains close to 20 billion leaked credentials, giving you unparalleled access to one of the largest collections of compromised data in the industry. This comprehensive coverage helps you identify potential threats and breaches beyond your organization’s direct footprint, empowering you to take proactive security measures.
For more information and access to Global Search, contact your CSM.
Feature | Tenant Feed View | Global Search View |
|---|---|---|
Scope | Limited to your tenant | All available data sources across all the Flare leaks database. |
Use Case | Tenant-specific monitoring | Broad, cross-tenant investigations |
Filtering | Coming soon! | Password policy, source, type, etc. |
When using the Credentials Browser, you can run searches across various categories to efficiently narrow down your results and identify potential risks. Each category serves a unique purpose, allowing you to focus on specific identifiers or attributes to pinpoint leaked credentials. Below is an overview of the available search types and their functionalities:
Search by entering a domain (e.g., example.com) to find credentials associated with that domain in Flare's Leaks Database.
Allows you to search for subdomains using an autocomplete feature by reversing the order of the domain (e.g., entering com.google will display a dropdown of related subdomains like accounts.google.com).
Search in Flare's Leaks Database for an exact email address (e.g., [email protected]) to find any leaked credentials linked to that specific email.
Search for an exact username to locate credentials tied to that username in Flare's Leaks Database.
Search in Flare's Leaks Database for a specific password you know to see if it appears in any leaks.
Search in Flare's Leaks Database by entering a specific URL (e.g., login.example.com) to identify credentials that have been compromised for a particular service or endpoint.