Showing results for 
Search instead for 
Did you mean: 
Create Post

Introducing SolarWinds Identity Monitor

Product Manager

I'm excited to announce general availability of SolarWinds Identity Monitor, an easy-to-use cloud-based service specialized in preventing account takeover. Identity Monitor is enabled through a partnership with SpyCloud, experts in recovering data breach information. Since this is the introductory post about Identity Monitor, I wanted to talk about the main problem it solves and then give you a quick overview of the product.

What Is Account Takeover?

Account takeover is exactly what it sounds like--when a bad guy obtains your credentials associated with one site, and then tries to use them to take over your accounts on other sites.

As someone in IT, you probably use unique, strong passwords with multi-factor authentication for every site or service you use (right?), and at work, you probably enforce secure policies for the servers and applications you control, but... are your users as careful as you?  Do they ever reuse passwords, mixing them across work with non-work services? They do, and this is why account takeover works--because once the bad guys get one set of credentials, they try them on hundreds of other sites using credential stuffing tools to find out what else they can access... and then the bad stuff starts to happen.

How Do You Prevent Account Takeover?

You can take all the preventative steps in the world, but there will continue to be data breaches where your credentials and information are taken, and once your credentials are compromised, the only way you protect yourself is to change your credentials. Seems simple--but first you have to know you've have been compromised to take action.

Identity Monitor has billions of records from previous data breaches and can tell you if you or your company are compromised right now. Identity Monitor presents this data in a timeline and summarize it into asset types, allowing you drill down on specific breaches in the past and see what credentials were exposed.  Data can include usernames, email addresses, passwords (both encrypted and unencrypted), addresses, birthdays, phone numbers--almost anything you've ever entered into a website.

Identity Monitor continuously scours the internet for new data breaches, and as this new information is ingested, it will analyze the data and alert you to new compromises. Speed is the key here--you need to know about new compromises of your users as fast as possible.

If the hair on the back of your neck is standing up and you're ready to see how deep the rabbit hole goes, go sign up for a free Identity Monitor account.   Otherwise, let's look at how Identity Monitor works, evaluate how compromised your company is right now, and find out what kind of information you might see.

Am I Compromised Right Now?

As IT professionals, part of our job is to protect our companies physical and digital assets. Let's log in, look at timelines, and drill into some detail. Here I have one domain registered ( and I can see the timeline of breaches on top, the most recent breaches on the right, and the types of compromised information.


Let's take a closer look at the breached asset types.


You can see how email addresses are compromised, how many passwords are known, and the amount of Personal Identifiable information available. Let drill down on the emails and see what's exposed. I'll pick the first one since it was just a few days ago and is marked critical... and I'll click to expose the password (which turns out to be "secret").


I am also interested to see what personal information is available, so I click View Raw Data.


Here you can see the extensive amount of personally identifiable information... and it's scary.

Once you get a feel for the scope and type of exposure your company and employees have, you can address the current situation, and then decide how to improve your processes going forward. Each breach has advice on remediation too.

Ongoing Protection

Let's says we've addressed all the problems Identity Monitor found, but sadly we know another security breach is around the corner (just look at the history on the timeline). How does Identity Monitor protect us going forward? By continuously scouring the internet for new breaches, digesting the data as quickly as possible, and alerting you. In the Email Assets example above, you can see there were only a few days between the breach date and the date it published in Identity Monitor. We also get this handy email alert telling us there was a breach and link us to the details:


And you aren't limited to just your domain. You can extend your protection to any email address as long as the email owner gives permission.  This is great for watching personal emails of critical employees (like your executive team), DL used for signing up for external services, or any other email used for company business.

Sign up now for free! Pricing is by number of employees and starts at $1795 USD for 100 employees.

These are the primary use cases Identity Monitor covers, but there's more--be watching for more blog posts.

Level 12

great product

Level 8

Agreed... This looks really good.  Already forwarded to our security group to review.

Level 11

is there a price list for the 5 different subscriptions?


Very nice!

Tools like this are so important. How many problems get their start on the inside of the network. Sometimes the professionals that know better are the culprits. How many of us use admin accounts to log into our computers? Yet, we all know that we should be using an account with very little privilege and only running things as admin when necessary. Yes, that means 2 separate accounts and separate passwords, but would you rather have your admin account compromised or your limited rights user account?

About the Author
Ok, so I have been a geek for a long time, went to UT finally ended up at a startup, Tek-Tools where we built a monitoring and reporting product for Servers, Backups, Storage and Applications. In Jan 2010, Solarwinds bought Tek-Tools, and I was added to the PM team. When my mind actually wonders from making our products better, I am generally spending time with my family, reading, watching sports, arguing politics or tinkering with stuff (it can always be made better), with the occasional camping trip thrown in for good measure.