FAQs - datasurfr FAQs - datasurfr
loader
banner
What is external Critical Event Monitoring?

External critical event monitoring refers to the process of actively monitoring and tracking events or incidents that occur outside of an organization but have the potential to impact its operations, assets, or stakeholders. It involves collecting real-time information from various sources, such as news outlets, government agencies, international organizations, social media, and specialized threat intelligence feeds.

Why is external Critical Event Monitoring important?

External critical event monitoring is crucial for organizations as it enables them to identify emerging threats, assess their potential impact, and take proactive measures to mitigate risks and ensure business continuity. Additionally, external critical event monitoring plays a vital role in enhancing organizational resilience, protecting reputation, ensuring regulatory compliance, informing strategic decision-making, and safeguarding stakeholders’ interests in an increasingly complex and interconnected world.

Is datasurfr a proprietary tool of MitKat?

Yes.

Which communication modes are available to access datasurfr data?

It can be accessed using Web Application, Mobile Application (Android and IoS), APIs, E-mail and WhatsApp.

What is the scope of operations for datasurfr?

The scope of operations for datasurfr encompasses the provision of operational risk data and intelligence across 12 non-financial risk categories. These categories include Civil Disturbance, Crime, Extremism, External Threat, Environmental, Natural Disasters, Health, Critical Infrastructure, Technological, Political, Travel, and Regulatory risks. By covering a diverse range of risk factors, datasurfr offers comprehensive insights and analysis to support decision-making and risk management efforts across various sectors and industries.

How do you ensure authenticated intelligence without misinformation and disinformation?

To ensure authenticated intelligence without misinformation and disinformation, MitKat employs a rigorous vetting process for gathered information before sharing it with clients. This involves sourcing data through official channels and multiple reliable sources. Continual review of open-source intelligence (OSINT) sources is conducted, with any blacklisted sources promptly removed from the portal. Our analysts corroborate information using at least two trustworthy sources, and official OSINT sources are prioritized for important updates, including weather alerts and prohibitory orders, sourced from official websites and verified social media handles. Additionally, when necessary, we directly contact local administration and police authorities to authenticate information further. This comprehensive approach ensures that the intelligence provided to clients is accurate, reliable, and free from misinformation or disinformation.

Can we have access to the information regarding actions taken by other organizations in case of a particular risk event?

Yes, datasurfr offers access to benchmarking surveys created for security professionals in the industry. These surveys provide insights into actions taken by peer organizations in response to particular risk events. We ensure the highest level of anonymity, withholding specific names or detailed information beyond essential facets such as industry, area of operations, and actions taken. These benchmarking surveys are conducted for critical events assessed to have a significant impact on corporations across industries, determined through internal deliberations with the senior MitKat team. However, it’s important to note that these surveys are not conducted for all events but focus on those deemed critical for industry professionals.

How many SME/risk analyst work in your team to produce risk intelligence?

datasurfr team has 15+ surfrs (first layer of analysts curating the data) and 25+ subject matter experts producing risk intelligence.

Which languages are supported by datasurfr?

There is no limitation on integrating any language into the database. The output will be in English.

Which geographies are covered 24x7 in datasurfr?

datasurfr provides global access which includes all countries from APAC, Americas, Western Europe, and Selected countries from Africa and Middle East.

How does datasurfr make use of AI?

datasurfr utilizes advanced AI to identify real-time operational risks within a continuous stream of public data. The robust machine learning models, trained over five years on meticulously tagged events, ensure accuracy. Multilingual capabilities, spanning 40+ languages, reduce data noise, providing a tailored data stream for further processing. Additionally, NLP-driven metadata extraction adds structural clarity to incoming events. The integration of Generative AI APIs from third-party sources enhances overall efficiency, assisting our algorithms at various stages and ensuring optimal performance.

Where is datasurfr hosted and in which location?

datasurfr is hosted on AWS Cloud in Mumbai, India.

Can datasurfr intelligence be integrated into 3rd party ENS or Mass notification?

Yes, through APIs.

How many users have access to one subscription package?

As of now, this is based on an enterprise license model. So multiple logins for an organization can be created based on requirement.

How do you ensure uninterrupted service?

To guarantee uninterrupted service for our clients, we’ve implemented a multifaceted approach. Firstly, we employ a suite of monitoring tools provided by AWS cloud, continuously overseeing all servers and databases across various parameters. Any deviations from expected performance levels trigger immediate alarms, enabling swift response and resolution. Additionally, we’ve partnered with an AWS-authorized vendor, Rapyder, who conducts 24/7 monitoring of our system to detect and address any potential disturbances. Moreover, we’ve established redundancy by running two sets of applications simultaneously on different instances. This ensures that even in the event of a failure or disruption affecting one set of applications, the other remains active, minimizing downtime and ensuring continuous service availability. Furthermore, our disaster recovery protocols adhere to ISO 27001 guidelines, providing robust measures to mitigate risks and swiftly recover from any disruptions. Through these comprehensive measures, we’re committed to delivering seamless and uninterrupted service to our clients, regardless of any challenges that may arise.

What steps are undertaken to ensure cybersecurity?

To ensure robust cybersecurity measures, we employ a comprehensive strategy encompassing multiple layers of protection and proactive practices. Firstly, our application is fully compliant with ISO 27001 standards, leveraging its structured approach to manage and safeguard information assets against a wide array of security threats. We further bolster our defenses by utilizing Web Application Firewalls (WAF) across all our applications, providing enhanced protection against various cyber-attacks. In terms of development practices, we prioritize secure coding techniques such as input validation, output encoding, and parameterized queries to mitigate common vulnerabilities like SQL injection and Cross-Site Scripting (XSS). Authentication and authorization mechanisms are robustly enforced through protocols like JWT and OAuth, ensuring that only authorized users have access to our application and its resources. Additionally, sensitive data is encrypted both in transit and at rest, bolstering confidentiality and integrity. Access control measures, including Role-Based Access Control (RBAC), are implemented to limit user access based on defined roles and responsibilities. Our APIs are fortified with HTTPS/TLS encryption, API key management, and input validation to prevent abuse and unauthorized access. Regular security audits and penetration testing help identify and address vulnerabilities proactively, while continuous monitoring and logging mechanisms enable real-time detection and response to security incidents. Through these comprehensive measures, we strive to maintain a high level of cybersecurity and protect our systems and data from evolving threats.

What is recovery time in case of downtime?

In the event of a technical issue with a particular feature, our response and recovery time are estimated to be within 24 hours. However, in total application downtime, our response time is estimated at 10 minutes, ensuring swift acknowledgment and initiation of recovery efforts. We aim to restore full functionality within a maximum recovery time of 1 hour, minimizing any disruptions to our services and ensuring prompt restoration of service availability to our clients.

Can we add/delete locations and user access?

Yes.