Skip to main content
// THE PLATFORM

Every capability your security team uses every day.

Dark Manager bundles continuous dark-web monitoring, identity triage, remediation workflow, executive reporting and multi-tenant operations into a single console. Below is exactly what you get with the Core License — no add-ons required.

01

Monitor

Ingest dark-web and public credential leaks continuously, matched against every identity in your perimeter.

Continuous ingest

Crawlers pull credential dumps, ransomware extortion posts and underground forums 24/7. New leaks land in the platform within minutes of being published.

#

Hash-based matching

Emails are matched via SHA-256. Plaintext credentials never persist in the database — we work on hashed comparisons, GDPR-friendly by design.

Four identity categories

C-Level executives, employees, third-party providers and end-clients are tracked separately so triage and routing can be tuned per category.

👁

Shadow IT detection

Professional-email leaks from unregistered domains are flagged as suspected vendors your team didn't know they were doing business with.

Re-breach detection

If an identity that was previously remediated leaks again on the same service, the platform reopens it automatically and notifies you as a fresh incident.

🌐

Multi-domain perimeter

Configure all your corporate domains under one tenant. Add or remove domains at any time; the engine re-syncs on the next ingest cycle.

02

Triage

Get the right alert to the right person — and only when it matters.

@

Per-domain × per-category routing

For each monitored domain, define which recipients receive alerts for C-Level, Employees, Providers or Clients. Activate or pause any combination independently.

Live alert feed

Every detection, status change and AI report becomes an entry in a chronological feed with type, severity, source and metadata. Filter by event type.

!

Severity-aware UI

C-Level breaches surface in red, supply chain in orange, employees in purple, clients in cyan. Mobile-readable, screen-reader friendly.

Auto-prefill default recipients

For Cyber Corp tenants, when an analyst activates a new alert category the cybercorp's default contact is suggested automatically — no missed inboxes.

Misconfiguration guards

Activating an alert category without recipients triggers an inline red warning so the SOC never silently loses notifications.

Data freshness indicator

Every dashboard shows a live "Updated X min ago" badge with a manual refresh button — operators always know how stale the data is.

03

Remediate

A proper incident workflow — not just "mark as managed".

Six-stage workflow

Pending → Investigating → User notified → Password reset → Verified → Closed. Each transition records the analyst, timestamp and notes for audit.

Mark managed with Undo

One-click mark-as-managed with a 5-second Undo toast and confirmation modal. Mistakes don't become incidents.

Bulk select & resolve

Checkbox-per-row with a contextual action bar. Mark dozens of pending breaches as managed in one click after a mass-leak event.

📝

Per-breach notes & history

Every breach has a full action timeline — who, when, which stage, what they wrote. Perfect for handovers and audit prep.

Re-breach reopen

If a closed breach reappears with a fresher leak date, the platform reopens it automatically and surfaces the previous remediation in the event metadata.

Pending count badges

Sidebar shows live pending counts per identity category. Analysts always know where the backlog sits without opening every page.

04

Analyze

From a raw breach list to a CISO-grade narrative — without leaving the platform.

📈

Trend intelligence

12-month volume per identity type, weekly breach velocity with linear regression slope, and a top-movers table comparing this month vs last.

Time-to-manage metric

Average days from detection to resolution, calculated across all closed breaches. Track your team's improvement quarter over quarter.

Period-over-period deltas

Scorecards include trend pills (↑ +12, ↓ −5) comparing the current view against the previous equivalent period. Spot regressions early.

🗓

Custom date range

Today, Last week, Current/Last month, YTD — or pick any window. Timeline and tables recompute server-side and reflect monitor scope settings.

AI

AI risk narratives

Generate CISO-grade Markdown reports with a single click. Each carries a Critical/High/Medium/Low risk rating extracted by the model.

Executive PDF reports & XLSX export

Board-ready white-label PDFs plus filtered XLSX exports for the breach table. No copy-pasting into Excel before the steering meeting.

05

Scale

Built for security teams running one tenant or fifty.

Multi-tenant switcher

Cyber Corp users see all managed clients in one search-able switcher. Jump between tenants in two clicks; sidebar always reflects current tenant.

🏷

White-label logos

Upload a logo per Cyber Corp; it replaces the brand mark for every downstream client and on every generated executive report.

🔑

Per-tenant scope toggles

Disable provider or client monitoring per tenant; dashboards, alerts and AI reports respect that scope automatically.

🔐

SSO (Google & Microsoft)

Sign in via OAuth on Azure AD or Google Workspace. Falls back to local password + reset link if SSO isn't configured.

🛡

Tenant isolation by design

Every URL is slug-scoped and validated server-side. A Cyber Corp can never see another Cyber Corp's data — enforced at the decorator level.

Accessibility & mobile

WCAG-AA contrast, screen-reader-labelled charts, keyboard skip links, sidebar collapses to off-canvas on mobile. Works on a phone, not just a 27-inch monitor.

See your own exposure on a real scan

The Proof of Value runs Monitor + Triage on your primary domain, free, for qualified organizations.