Cyveillance


Cyveillance is an American cybersecurity company founded in 1997 and based in Reston, Virginia. The company provides cybersecurity services including brand protection, social media monitoring, and threat investigation, analysis, and response services. Its Cyveillance Intelligence Center subscription-based product monitors for information leaks, phishing and malware attacks and other online fraud schemes; sale of stolen credit and debit card numbers, counterfeiting, and trademark and brand abuse.
The company was acquired by ZeroFox in October 2020.

History

Cyveillance was founded in 1997 by Brandy Thomas, Christopher Young, Mark Bildner, and Jason Thomas. It was originally called Online Monitoring Services but was renamed in 1998 to Cyveillance.
From 1997 to 2009, Cyveillance was a privately held company. QinetiQ North America, a provider of information technology and engineering solutions to the U.S. government, acquired Cyveillance in May 2009. In 2013 QinetiQ North America expanded the Cyveillance management team by the appointment of technical and marketing executives. The acquisition was made for an initial cash consideration of $40 million.
LookingGlass Cyber Solutions purchased Cyveillance in 2015 and re-launched the brand in May 2020. In October of that year, the Baltimore-based digital risk protection company ZeroFox acquired Cyveillance.
The company's clients include the United States Secret Service, which contracts Cyveillance to search available information related to the Secret Service and its missions. Information obtained through Cyveillance is incorporated into the Protective Research Information Management System (PRISM), an existing Secret Service system.The company also serves clients in the financial services, energy, technology, retail, and pharmaceutical sectors, providing open-source internet intelligence to more than 400 clients.

Criticisms

Criticisms of Cyveillance traffic have included the following:
  1. Their robots send many fake HTTP attacks which are a cover channel for deadly timeout attacks that easily disrupt Apache and IIS servers.
  2. They use a falsified user-agent string, usually pretending to be some version of Microsoft Internet Explorer on some version of Windows, which can throw off log analysis.
  3. Because they falsify their user-agent string and otherwise obscure their identity,, individuals may not be aware of the existence of Cyveillance and the data its collects and reports to the Secret Service.
On 2 July 2014 Cyveillance sent a DMCA takedown notice to GitHub on behalf of Qualcomm which caused 116 files to be blocked on GitHub. Some of the blocked repositories were owned by CyanogenMod, Sony Mobile and even one of Qualcomm's own repositories leading to speculation that the notices have been automatically generated and poorly checked. On July 5, 2014, Qualcomm withdrew all takedown notices, issued an apology, and announced plans to review all the files.