Data Leak Assessment

Need A Corporate Data Leak Assessment? Call ComSec LLC at 800-615-0392 !

ComSec LLC BBB Rating           

Are Your Sensitive Corporate Documents and/or Data Publicly Accessible?

Our Corporate Data Leak Assessment uses Open Source Intelligence (OSINT) techniques to identify sensitive corporate documents and/or data from company Data Leak Assessmentwebsite(s) and/or network(s) that are publicly accessible. Whether the corporate documents and/or data were stolen, leaked or otherwise unintentionally became accessible or visible on the open Internet, the company is at risk simply because the information is publicly accessible.

Many companies are unaware that their sensitive company documents and/or data are publicly accessible until:

  1. A Corporate Data Leak Assessment is performed; or
  2. The company’s information and/or data is used to their detriment and the company must take action.


When Was the Last Time Your Company Performed a Data Leak Assessment?

What Exposures May Your Company Be Unaware Of?

A ComSec Corporate Data Leak Assessment will arm your company with valuable information to improve network security controls, and reduce corporate exposures.



Data Leak Assessment

Data Leak Assessment Process:

  • You provide the company’s standard for documents and data deemed sensitive;
  • We develop a list of keywords with your team’s input (e.g. confidential, for internal use only, limited distribution, e.g.);
  • We create custom search engines and conduct tailored searches for your company information and data;
  • Initial scans are conducted on the Internet, including the deep web and the dark web;
  • We provide a report with the results for the initial scan; and
  • Periodic or incremental scans can be provided to detect new exposures over time.


Data Leak Assessment Strategy:

The strategy of the OSINT Data Leak Assessment is to assess the type and amount of sensitive company information on the Internet that can be obtained for free by legal and ethical means. The client can then use this information to examine company network security controls, correct issues and take action to remove the discovered information from the Internet. And, by implementing periodic or incremental scans, the company can improve both their time to detection and responsiveness to these types of corporate cyber threats.


What Type of Information Can Be Revealed?

  • Login and password files;
  • Internal memos;
  • Personally identifiable information (PII);
  • Health Insurance Portability and Accountability (HIPPA) information;
  • Client lists with point of contact information;
  • Purchasing contracts;
  • Accounting records;
  • Financial data;
  • Supplier lists;
  • Intellectual property;
  • Operational and inventory information;
  • etc.


OSINT's Value in Data Leak Assessments

OSINT or Open Source Intelligence is a military term for information that is available publicly for free and is accessed or gathered by legal and ethical means.

Benefits of OSINT:

  • OSINT is generally a less expensive means of gathering intelligence than other methods.
  • Great Return on investment (ROI) for your intelligence gathering expenditures.
  • Open sources of information are updated frequently (robot scrubbing of data, search engine crawling, etc.)
  • Information that is gathered from open sources can be shared with anyone legally.


Our OSINT Expert:

Len Gonzales ComSec OSINTLen Gonzales brings over 30 years of experience in military and Department of Defense intelligence, including a 21-year Naval career as an Intelligence Analyst and nine years as a Cyber Intelligence Analyst with the Naval Criminal Investigative Service (NCIS).  He is a cyber security specialist who implements Open Source Intelligence (OSINT) techniques to resolve complex issues in the cyber domain.  Utilizing OSINT, he has successfully conducted and participated in online or cyber investigations for multiple state, federal, and international law enforcement agencies.




Employing an OSINT Data Leak Assessments as part of your corporate threat detection strategy, along with routine Counter Surveillance services, can further reduce your corporate risks of information/data exposures. Contact ComSec today for a quote, or to get additional information.