Live threat intel

Threats, in the open.

Curated CISA KEV feed, IOC matching, dark-web exposure, and TLP-classified intel sharing.

HorizonShield threat intelligence workspace with vulnerability, breach, and operator context
Live CISA KEV and breach context presented as an operator-ready intelligence surface.
Latest public breach (HIBP)
Fluke · fluke.com
821,100 accounts compromised · breach date 2026-07-01
Email addressesEmployersJob titlesNamesPhysical addressesSupport tickets
Recent CISA KEV adds
KEVCVE-2026-58644Microsoft2026-07-16
KEVCVE-2026-39808Fortinet2026-07-16
KEVCVE-2026-25089Fortinet2026-07-16
KEVCVE-2026-46817Oracle2026-07-15
KEVCVE-2023-4346KNX Association2026-07-15

IOC matching

Continuous match of your assets against known indicators — file hashes, IPs, domains, JA3.

Dark-web exposure

Tor-based monitoring of paste sites and underground markets for credentials, customer data, source code.

TLP-classified sharing

Receive and contribute to TLP:AMBER/GREEN intel feeds. Private indicator sharing with peers.