DATA SOURCES

Emerging Source

9min

Flare's Emerging Source data are data coming from new sources that are currently not supported within the Flare application. We have built an Emerging Source System that allows us to swiftly integrate certain datasets and sources previously not covered by the Flare platform, addressing visibility gaps, and enhancing data coverage.

Unlike events coming from our other Collection data:

Emerging source events are raw

  • Basic metadata
  • Raw content view only 
  • No severity scoring 
  • No AI assist 

Emerging source data may not be archived in the long term 

  • Flare reserves the right to remove and add emerging sources at any time 

If you are find value in one of our emerging sources and would like the data to be enriched or improved. Please reach out to our support team, your feedback will help us prioritise improving that dataset.



Emerging Sources

APK App Stores 

  • Poses security risks because these app stores may host unverified and/or malicious apps
  • Gives you visibility into illegitimate versions of your mobile apps being disseminated on APK stores
  • Helpful for notable brand names and/or customers who have a portfolio of mobile applications on Google Play 

Botnet 

  • Threat actor groups often have access to networks of compromised devices or “botnets” that can be used in attacks
  • Flare’s research team has Intelligence about these botnets like IP addresses and target/victim company names 
  • Gives you visibility to see if you have been targeted by a botnet and/or if you have any assets that are unknowingly part of a botnet

SEC 8-K Filings

  • We are monitoring SEC 8-K filings, specifically under Item 1.05: Material Cybersecurity Incidents. These filings provide timely alerts when publicly traded companies report significant cybersecurity incidents.

PII & Unverified Leaks

  • Includes various PII breaches, along with any "unverified" breaches we find online. For example, the PII part of the PureIncubation breach would have been a good fit here.
  • Unverified breaches refer to leaks posted on cybercrime forums where the origin can't be validated. A breach is considered "verified" when it's recognized by services like HaveIBeenPwned (HIBP) or included in "official" lists on dark web forums.

Ransomware Files

  • This source will consist of files related to ransomware attacks. We'll be uploading these files and creating events in the platform based on the content extracted from them.

Other Found Files

  • This source will contain any other files identified by the Flare team that hold potential value but don’t fit into the two categories above.

Potential Stealer Logs

  • This contains "rejected" stealer logs from our traditional pipeline. Any files that appear to be stealer logs but are missing critical information or are of an unsupported layout can be found here.

Future emerging sources

New sources will be added to Flare on a case by case basis as we discover them. If you are aware of a new source that you would like to see in Flare reach our to our support team and we will review its feasibilty.



How to see to Emerging Source data

Emerging Source data is 'opt-in', this means it this data is not selected by default for any identifiers or for the event search.

Configuring Identifiers

To see emerging source data related to a certain identifier, you need to actively select this data category from the dropdown. Note, the emerging sources category will not be selected even if you click the 'Select All' option. You have to manually opt-in.

Document image


Searching in Events

To see events from emerging source data, you need to actively select this data category from the dropdown.

Document image




Did this page help you?
PREVIOUS
Look-alike Domains
NEXT
REFERENCES
Docs powered by Archbee