Cyber Threat Intelligence

Cyber Threat Intelligence



Cybersixgill is an enterprise-grade, leading SaaS threat intelligence provider that helps enterprises, MSSPs, financial services leaders, government and law enforcement entities, to fight cyber-crime through its deep and dark web threat intelligence solutions.

Cybersixgill is the only solution that is comprehensive, covert and fully automated. It empowers security teams with the insights they need to proactively protect their critical assets, prevent fraud and data breaches, protect their brand, conduct investigations in real-time and minimize attack surface. With easy integrations to the organization’s security stack, Cybersixgill delivers clear visibility into the organizational threatscape coupled with contextual and actionable recommendations for remediation – all from a single pane of glass.

Cybersixgill easily and seamlessly integrates with all major TIP, SIEM, SOAR, Firewall and VM platforms. It is a cloud based, SaaS solution that layers on top of your enterprise core security stack to provide a total integrated solution.

digital forensics solutions, cdr analysis software
incident response, password recovery solution


Darkfeed is an intelligence stream of indicators of compromise (IOCs), including malicious domains, URLs, IF addresses, and file hashes. These IOCs are automatically extracted from Sixgill’s deep, dark and surface web sources. Darkfeed is automated, meaning that IOCs are extracted and delivered in real-time, and it is actionable, in that you will be able to receive and block items that threaten your organization.

Darkfeed harnesses Sixgill’s unmatched intelligence collection capabilities both in terms of breadth and quality. Darkfeed’s contextual threat intelligence is highly accurate, comprehensive, covert and automated. The feed is structured in the STIX format and shared via Sixgill’s API, allowing customers to automatically consume and integrate it with their security solutions, whether SIEM, SOAR vulnerability management tool, or any other platform.

DVE Score

Dynamic Vulnerabilities & Exposures (DVE) shows the dynamic nature of Common Vulnerabilities & Exposures (CVE). DVE is an intelligence indicator of which CVEs are most likely to be exploited within a 90-day window, based on chatter and intelligence gathered in the wild. The CVEs are extracted via your VAVM solution and is ran through the Sixgill DVE solution to get a reprioritization of which vulnerabilities to focus.

mobile unlocking solutions, drone forensics
cloud forensics, network forensics


Empowering security teams with an agile threat intelligence methodology for the modern threatscape.

Sixgill pioneers the Continuous Investigations /Continuous Protection (CI/CP) approach to security. CI/CP uses automation tools that empower security teams to collect, analyze, research, and respond after each intel development as seamlessly as possible. Focusing on maximum security readiness at any given time, Continuous Protection naturally leads to Continuous Investigation.

Implementing CI/CP threat intelligence means teams are constantly and proactively responding to the most updated intelligence picture, generating fresh, relevant intel to take incident detection, prevention and response to the next level, with minimum business interruption, breaking security silos and maximizing performance of security teams, platforms and processes.