Cavalier™: The Industry's Most Robust Compromised Credentials Data Source

“Remarkable high-fidelity data granularity.”
Cavalier™ is based on forensic technologies and operational knowhow developed at the IDF’s 8200 Unit to counter nation-state adversaries and professional threat-actors. It is a unique cybercrime intelligence data source composed of millions of machines compromised in global malware spreading campaigns.

Our high-fidelity data is sourced directly from threat actors
and augmented monthly with hundreds of thousands of new compromised machines.


Compromised Machines


Compromised Employees

Trusted by Security Teams at Leading Companies.

Our customers Rapid7
Our customers KOVRR
Our customers Panorays
Our customers Rapid7
Our customers KOVRR
Our customers Panorays
Cavalier’s™ high-fidelity data protects employees, partners, customers, and digital assets with unprecedented granularity of threat vectors including Ransomware, Business Espionage, Breaches & Network Overtakes.

Cavalier™ is Available for:

  • Security & Threat Intelligence Teams
  • Cyber-Insurance Providers
  • 3rd Party Risk Assessment Providers
  • MSSPs
  • Governmental Agencies

Cavalier™ Data Spans these Sectors:

  • Banking & Finance
  • Insurance
  • Crypto & FinTech
  • Pharmaceutical
  • Retail & eCommerce
  • Healthcare
  • Consumer Services
  • Food & Beverage
  • Manufacturing
  • Automotive
  • Oil & Gas
  • Legal
  • Gaming & Leisure
  • Telecom

Cavalier™ Data:

  • Compromised Employees
  • Compromised Customers & Users
  • Compromised Vendors
  • Compromised Android Users
  • Compromised Leaked Databases
  • Compromised CXO’s & Family Members

Access Cavalier™ Data:

  • Web
  • API
  • JSON
  • Email
  • Custom

Import Cavalier™ Data:

  • SIEM
  • SOAR
  • EDR

Cavalier™ Data Spans:

Allows hackers to use existing sessions of victims by importing their cookies and bypass 2fa and other security measurements.
URL accessed by the victim, their login credentials and plaintext passwords,  are used by hackers to hack into employee and user accounts. The credentials are retrieved directly from the browsers of the victims and are therefore almost always valid.
The IP address of the compromised computer.
Malware Path
The path on the computer in which the infostealer malware was installed on.
The date in which the computer was infected.
Operating System
Which operating system was installed on the infected computer.
Computer Name
The username of the computer that was infected assists in identifying which computer was infected as sometimes employees share credentials, complicating attribution.
Installed Anti-Viruses
A list of the anti-viruses running on the computer at the time of the infection.