AI meets cybersecurity: Flare debuts Threat Flow for dark web activity reporting

Flare, the global leader in Threat Exposure Management, has announced the launch of Threat Flow, the security industry’s first transparent generative AI application that delivers timely, relevant, and trustworthy reports of threat actor activity on the dark web, enabling scaled research and reporting for security teams.

Extracting contextual and actionable insights from dark web sources poses significant technical and logistical challenges. While large language model (LLM) use cases for threat intelligence are promising, LLM’s are often opaque and difficult to verify, leaving security leaders skeptical. 

Flare’s platform continuously monitors and scrapes activity from dark web forums. Threat Flow then structures this data into unit summaries, and assigns metadata and attribution tags to optimize it for report generation. 

While most currently available generative AI security applications are used to simply summarize alerts or events, Threat Flow allows users to interact with entirely raw and continuously updated dark web data sets, providing direct access to primary sources for researchers to leverage in their own way, or for security leaders to generate reliable and contextual reports. 

With Threat Flow, users are provided with:

• Concise and current summaries of cybercriminal activity
• Intelligence tailored specifically to the business context of the customer
• Automated report generation
• A transparent architecture that allows users to see individually sourced information

The validation and quality assurance of Threat Flow was completed in concert with members of the EconCrime Lab at the University of Montreal, and the findings released in a report entitled, “The Use of Large Language Models (LLM) for Cyber Threat Intelligence (CTI) in Cybercrime Forums”. The research concluded that Threat Flow outputs are 98% accurate in correctly classifying dark web data across 10 different CTI variables. Threat Flow is the first threat intelligence focused GenAI product to be validated for accuracy in this way.  

“We are excited to launch Threat Flow, and to offer threat hunters, CTI analysts, and research teams an unprecedented depth of actionable intelligence,” said Serge-Olivier Paquette, Chief Product Officer at Flare. “This platform shows how language models can provide deep insights into threat actor activities, and opens the door to other emerging threat analytics. We believe this technology is a game changer in cyber threat intelligence, and are eager to see its impact on strengthening our customers’ cybersecurity defenses.”

This article includes a client of an Espacio portfolio company.