Leaked Credentials
>31Bn
Leaked credentials from around the world
>625M
Validated & deduplicated credential profiles ready for defensive use
17.5k
Dark web user profiles, mapped to the surface web using breach data
>12M
Cross-reference dark & deep web leaks with real-world entities & infra
Leaked Credentials
Dendrite’s proprietary database and record structure enables analysts, including cybersecurity firms, companies, researchers, and government agencies, to rapidly query leaked credential databases (aka “Breach Data”) for defensive analysis. Easily searchable through our CLI Utility, API or Unified Web Platform and pre-correlated to records from our other data sources, our leaked credential database holds more than 31 billion records, dynamically masked in a manner that protects public privacy while providing maximum intelligence value to our clients and partners.
How it’s used:
-
Set alerts or cross-reference leaked credentials against your user base, automatically triggering password reset enforcement while preemptively securing sensitive resource access and preventing follow-on attacks.
-
Leaked data often includes contextual details, enabling attackers to craft personalized phishing emails or smishing (SMS phishing attacks, increasing their success rates. Dendrite clients leverage this data to mitigate risks facing their employees and organization from this attack vector.
-
Combine breach data with external asset discovery to map an organization's full identity attack surface. Identify exposed employee credentials, overly permissive service accounts, or third-party vendor leaks that could enable supply-chain compromise. This helps prioritize remediation and supports zero-trust initiatives by highlighting privilege escalation paths.
-
Scan for leaks involving partners, suppliers, or SaaS providers that grant indirect access to your environment. Alert on compromised vendor credentials or mentions of your organization in breach dumps tied to trusted third parties—critical given the rise in supply-chain and vendor-driven incidents.
-
Continuously updated and pre-correlated to our other data sources, breach data empowers CTI professionals to streamline complicated task chains, such as threat actor tracking & attribution and triage high-risk exposures (e.g., privileged accounts).
-
Un-edited, un-masked versions of this dataset are available to law enforcement agencies (LEA), Defense Contractors, and trusted organizations from Tier 1 countries.
Part of the Complete Data Platform
Each of our core capabilities is represented by a fully independent extract, transform and load (ETL) pipeline, enabling Dendrite to ingest and correlate data between technically disparate resources and infrastructure. All leaked credential records are enriched with many hundreds of additional data points, linking dark web services, users, communication hubs and historical records to Command & Control servers and more.
Use-Cases in Contrast: Adversaries vs. Defenders
Breach data is most commonly associated with malicious actors and red team engagements. However, this data serves as an extremely high fidelity data set to intelligence and blue team analysts in your organizations defense.
So many things in development
Our pursuit of perfection in enterprise defense mandates that every stone is upturned - no matter how fringe the case or how difficult the path to development may be.
With dozens of POC’s and MVP’s in the works, our researchers and development teams work to continuously deliver bleeding edge capabilities to the Dendrite Unfed Platform and data sources.
Get in touch
Interested in learning more, scheduling a demo or speaking with our team? Get in contact with us - we'd love to hear from you.