Applies To: AuthPoint Total Identity Security
A data breach is the intentional or unintentional release of secure or confidential information to an untrusted environment such as the dark web. AuthPoint Total Identity Security includes a Dark Web Monitor service to help you monitor and protect your domains.
With the Dark Web Monitor service, WatchGuard actively monitors data breaches for up to three of your domains. If a data breach is found to include your email addresses and domains, you are notified.
Configure Dark Web Monitor
When you add a domain, you must select one of these email addresses for authorization requests:
- security@<yourdomain>
- webmaster@<yourdomain>
- postmaster@<yourdomain>
- hostmaster@<yourdomain>
To make sure that you own the domain, WatchGuard sends an authorization request to the selected email address. You cannot specify a custom email address for authorization requests. If you do not have any of these email addresses for the domain, you must create one.
To configure Dark Web Monitor for a domain, in WatchGuard Cloud:
- Select Administration > Dark Web Monitoring.
The Dark Web Monitoring page opens.
- Click Add Domain.
The Add Domain page opens.
- In the Domain text box, enter your domain name, such as example.com.
- From the Email drop-down list, select the email address you want to send authorization requests to. Authorization is required to monitor data breaches for the domain, and to update Dark Web Monitor domain settings in WatchGuard Cloud.
You cannot specify a custom email address for authorization requests. If none of the listed email addresses exist, you must create one.
- Select the email addresses you want to receive notifications when Dark Web Monitor detects a data breach that includes an email address from your domain. You must select at least one email address.
If you select the breached email address, the UI gives you the option to include the exposed password (and any other sensitive data) in the email message that is sent to the breached email address. If you choose to include the exposed password, this information is not sent to any other selected email addresses.To send a notification to the authorization email address, you must select the check box next to that email address.
- (Optional) To send notifications to other email addresses, in the Additional Emails text box, type the email address and press the Enter key. You can specify up to 10 email addresses to send notifications to.
- Click Save.
When you add a domain, Dark Web Monitor sends an authorization request to the email address you specified and the status of your domain appears as Pending Approval. You must click the link in the authorization email to approve the request before Dark Web Monitoring begins to monitor your domain. After you approve the request, the domain status changes to Active Monitoring.
If you update your domain in WatchGuard Cloud, you receive and must approve another authorization request before the changes take effect.
The authorization email is valid for one hour. After one hour, you cannot use the link in the email message to authorize Dark Web Monitoring for your domain. You must resend the authorization email message.
To resend the authorization email message:
- Select Administration > Dark Web Monitoring.
The Dark Web Monitoring page opens. - Next to the domain, click
and select Resend authorization request.
