HaveIBeenPwned

The integration between ThreatConnect and Have I Been Pwned allows users to query Have I Been Pwned for breach information on a given email address and return additional context to Threatconnect around a given breach. The following are actions included in the Playbook App:

• Get Breaches for Email Address
• Get Breach Information

This listing can be found in the ThreatConnect App Catalog under the name Have I Been Pwned?.

The Polarity - HaveIBeenPwned integration enables analysts to have a quick understanding if anyone in their organization has had their credentials compromised. Enabling them to make quick decisions to force users to change passwords or have insights into how a breach could be occurring.

Examples

HaveIBeenPwned Data Overview

• Summary Tags: Quickly get an understanding of the different data breaches associated with an email.
• Breach Information: High level information about a breach, such as: date of breach and number accounts involved in the data breach. This and the breach description are repeated for users to get a full understanding of when and what occurred with a breach.
• Breach Description: In depth analysis on what occurred during the breach.