Product Specifications
Flare is a SaaS platform, hosted in the cloud on AWS in the United States and is accessed through a web interface. The various software components run in a Kubernetes cluster.
Google Chrome, Firefox, and the most recent version of Microsoft browsers are well supported and tested.
Signing in to Flare requires an account that is created when a subscription is officialized. Each user has an independent account. Configuration is done directly in the web platform. Flare does not require any on-premise deployment or installation. Flare also has a well-documented API, which is accessed with the same credentials as the web interface.
Most data is stored in an ElasticSearch cluster. Leaked Credentials are stored in a PostgreSQL cluster.
Although Flare collects a wide array of sources, it has certain limitations:
- Flare (as most similar tools) cannot guarantee a complete coverage of the complete criminal underground. That being said, we maintain up-to-date coverage with a continuous analysis of the threat landscape and ensure we collect the most important sources at all times.
- In terms of chat rooms, Flare collects Telegram and ICQ rooms. To be collected, the room has to be identified by a Flare analyst and configured. We only collect chat rooms based on that pre-configured list.
- We cannot collect private messages occurring 1-to-1 between actors as these are not public.
- The score and risk evaluations are limited to the public information that Flare has and we cannot guarantee their precision.
- Reporting features might include false positives and they may not directly represent the threat level for an organization. We recommending using them to compare progression through time or comparing with the industry.