Ransomware Hub
Match every ransomware attack to your supply chain.
Every leak-site disclosure runs 1:1 against your third and fourth party ecosystem. See which of your vendors, and your vendors' vendors, just got hit before the cascade lands on you.
1:1
Matched to your portfolio
Every disclosed victim auto-matched against your vendors via name, alias, parent, and domain
3rd + 4th party
Supply chain reach
Direct vendors plus your vendors' vendors, all checked as new disclosures land
Hours
Disclosure to alert
Leak-site posts hit your hub within hours, with severity and confidence per match
Every disclosed attack matched 1:1 to your vendors
The Ransomware Hub takes every leak-site disclosure and runs it against your vendor portfolio. Name matches, alias matches, parent and subsidiary resolution, and domain matches all happen automatically.
- ·Alias and trading-name resolution against your vendor records
- ·Parent and subsidiary roll-up so a hit on a child entity flags the group
- ·Severity and confidence score on every matched event
Reach into your fourth-party blast radius
Your direct vendors are only half the story. We map your vendors' vendors too, so when a logistics provider used by your CRM platform gets hit, the chain back to you is already drawn.
- ·Fourth-party vendor relationships modelled per third party
- ·Cascade view from any disclosed victim back to your portfolio
- ·Concentration alerts when one fourth party sits behind multiple vendors
Then zoom out to the global pattern
Once your matches are clear, the global density and 48-hour fresh-attack rings give you the wider context. Sector trends, jurisdictional spikes, and threat-actor surges that may be heading your way next.
- ·Country-level victim density on a yellow to red gradient
- ·48-hour ring overlay for the freshest disclosures
- ·Threat-actor and sector trend pivots from any country
What's under the hood
The technical depth behind every match surfaced.
1:1 vendor matching engine
Name, alias, parent, subsidiary, and domain matching across every leak-site disclosure, with confidence scores per match.
Fourth-party graph
Your vendors' vendor relationships modelled and traversed, so cascades up the chain are visible the moment they happen.
Concentration detection
Flags when a single fourth party sits behind multiple direct vendors, surfacing systemic exposure most reviews miss.
Global context layer
Country-level density and 48-hour rings give you the macro picture once your portfolio matches are resolved.
FAQs
Common questions
Every disclosed victim from leak sites and threat-intel feeds is run against your vendor records using exact name, alias, trading name, parent and subsidiary roll-ups, and domain matching. Each match carries a confidence score and a reason so you can verify before you act.
Your fourth parties are your vendors' vendors. If your CRM platform relies on a logistics provider that just got hit, you have an exposure even though you do not contract with that provider directly. The hub maps these relationships so you see the cascade path back to you.
Most ransomware disclosures are surfaced within hours of being posted on leak sites or victim communications. Matches against your portfolio update on the same cadence, with the 48-hour ring overlay highlighting the freshest activity.
Unmatched events are kept visible for sector-level awareness and trend tracking. Threat-actor surges, jurisdictional spikes, and sector campaigns often precede targeted activity, so you can use them to anticipate where matches may land next.
Continue exploring
Related capabilities
Geospatial Intelligence
Map every threat layer
The choropleth lives inside the broader geo intel canvas, alongside conflicts, hazards, and infrastructure.
Explore Geospatial IntelligenceBreach Intelligence
See related breach exposure
Ransomware victims often disclose breaches simultaneously. Pivot from a country to vendor-level exposure detail.
Explore Breach IntelligenceContinuous Monitoring
Get pinged the moment it hits
Custom alerts and rules that fire when a ransomware event affects a tracked vendor or shared sector.
Explore Continuous MonitoringSee every ransomware attack matched to your ecosystem
Connect your portfolio and let the Ransomware Hub do the matching. Every disclosure, every alias, every fourth-party hop, scored and surfaced before the cascade reaches you.