KELA Identity Guard detects and intercepts compromised assets

KELA launched Identity Guard, the first line of defense to help combat the #1 cause of data breaches – compromised corporate assets and identities.

Identity Guard is a critical module of KELA’s threat intelligence platform, already in use by hundreds of customers, including government agencies, law enforcement and enterprises.

As threat actors look for new ways to circumvent advanced Firewalls, EDRs, and other security controls, they increasingly turn to using valid corporate account credentials — gaining access through tools like VPNs, Active Directory, and other production systems, making it much harder for security teams to detect and mitigate the attack.

These credentials, stolen through tactics like infostealer malware and advanced phishing attacks, and widely traded in the cybercrime underground, have become the attackers’ weapon of choice, and are now considered the leading cause of cyber attacks.

KELA’s Identity Guard leverages enhanced sources and methods, combining AI analytics with validated human intelligence to detect and intercept compromised assets and identities in real time as they are traded in the cybercrime underground, including on botnet markets and Telegram channels. The system automates the process of quarantining compromised assets or suspending identities, preventing their exploitation.

“With over a threefold increase in the use of infostealer malware in the past year, credential theft has become the most common method used by cybercriminals to infiltrate organizations, making identity protection a crucial part in any cybersecurity strategy,” says David Carmiel, KELA CEO. “Identity Guard gives customers immediate access to unique intelligence directly from cybercriminal sources, allowing them to automate defense mechanisms such as quarantining or account reset. This real-time protection ensures that compromised credentials don’t become entry points for attacks.”

Comprehensive protection with Identity Guard

KELA’s Identity Guard provides comprehensive identity protection, safeguarding against the risk of compromised assets and identities across an organization’s entire digital footprint. Key benefits of the solution include:

• Unmatched coverage: KELA tracks and intercepts billions of exfiltrated compromised assets and identities across illicit dark web channels, cybercrime forums, Telegram messaging groups and bot marketplaces.
• Proactive defense: Identity Guard helps prevent account takeovers and other cyber attacks, with instant alerts triggered when a threat is detected, and automatic severity classification surfacing prioritized alerts for remediation.
• Seamless integration: Identity Guard seamlessly integrates with existing security controls, identity management systems, and SIEM/SOAR platforms such as Splunk and Palo Alto. The built-in webhook integrations ensure easy incorporation into your existing workflows
• Automated remediation: With configurable playbooks and integrations, compromised assets can be automatically quarantined, including suspending employee and customer accounts associated with your organization before they can be exploited.
• Rapid return-on-investment: Identity Guard leverages automation and orchestration, enabling busy teams to quickly act on compromised accounts before they are exploited. With simple setup and integration, businesses can protect their assets within minutes, ensuring immediate, prioritized alerts and proactive defense without downtime