What is social media monitoring?

Social media monitoring is the practice of gathering and overseeing public activity on social media. Monitoring tools are designed to aggregate publicly available data from multiple networks, and display it in a format that is digestible by the end user.

Social media monitoring tools pull information from a range of social networks as well as some traditional media outlets. These tools do not have access to private data.

While many companies provide monitoring capabilities that are geared towards marketing and engagement, Echosec focuses on functionality and data sources geared towards security and threat intelligence.

Read more about Social Media Monitoring

What networks does Echosec Systems access?

Our platforms gather data from thousands of well known and niche sources including deep and dark web sites, social media, discussion forums, news sites, and databases.

Our sources include but are not exclusive to:

  • Twitter
  • Youtube
  • Reddit
  • VKontakte
  • Discord 
  • Telegram
  • Gab
  • Raddle
  • Tor
  • IRC
  • Pastebin
  • Deep Paste

Contact us for the complete list of data sources.

Can you add new data sources upon request?

Yes! The needs of our users inform the data sources provided. We take the legality of our sources very seriously, so we review each request and implement when possible.

Why not Facebook and Instagram?

In March 2018, news broke that the political consulting firm, Cambridge Analytica, had collected and used Facebook user data to inform political campaigns. This data was exploited without user consent, violating user data rights and privacy.

Long before the scandal, both Facebook and Instagram had begun tightening their security settings to disallow broad monitoring. That means data aggregation platforms, including Echosec, have not had terms-compliant access to these data providers since 2016. Compliance and ethics are at the forefront of Echosec Systems’ mission and product design—the platform only collects public data in compliance with each data provider’s acceptable use policies, as well as acceptable use policies to comply with regulations such as the GDPR.

If an Echosec user has access to Twitter as a data provider, Facebook and Instagram content is aggregated only if the content was publicly cross-posted to Twitter. Read more in this article.

Who uses Echosec and Beacon?

Echosec and Beacon are built to provide mission-critical information about digital and physical threats for security and public safety teams. 

Our corporate security clients are primarily in-house security teams in retail, oil and gas, healthcare, e-commerce, and manufacturing. Our public sector clients are intelligence agencies, fusion centres, regional and national law enforcement and defense.

How does Beacon work with the other Echosec offerings?


All three of our offerings work in concert as part of a threat intelligence gathering solution. Depending on which stage of the breach you are involved in, each tool will provide different information pertaining to the investigation. Download this overview to learn more about our entire suite of offerings.
How much does the platform cost?

Echosec and Beacon have customized pricing tiers depending on your team size and data requirements. Contact us to book a call with our team.

Our corporate security clients are primarily in-house security teams in retail, oil and gas, healthcare, e-commerce, and manufacturing. Our public sector clients are intelligence agencies, fusion centres, regional and national law enforcement and defense.

Do you offer training?


Yes! We offer comprehensive onboarding with the tools. We also provide in-house training options, and we partner with excellent network of OSINT trainers for users who are new to running online investigations.

Our goal at Echosec Systems is to set you up for success with our platform. 

Learn more about Customer Success with Echosec Systems.

Can I see a demo?

Yes. Book a demo using this form.

How does the technology work?

In less than a second, our service is capable of contacting thousands of data sources, and aggregating and normalizing their response. Our systems scan the web for images and priority keywords around the clock, so our clients are alerted when issues arise.

Learn more about our technology.

Does Echosec Systems have an API?

Yes. The Echosec Systems Platform API provides access to a mixture of social media, deep, and dark web data sources that are otherwise not searchable through most commercial and official APIs.

Searchable content is tagged and classified by Echosec Systems' threat models to aid in business risk intelligence automation.

Download the free overview to learn more.

What is deep and dark web search?

The deep web includes any online content that is not discoverable or indexed in common search engines like Google. The deep web comprises about 90% of all web content. It consists of mostly benign or private information, such as banking pages or internet archives—but it also includes forums, classifieds, and paste sites. These sites are frequently used by hackers. 

The dark web is a small corner of the deep web that is only accessible through Tor, which anonymizes users through a process called “onion routing.” The dark web consists mainly of discussion sites and marketplaces. This is where cybercriminals sell and discuss a variety of illegal goods and services. 

Beacon is a deep and dark web search platform which allows users to safely explore hidden web content to detect threatening content.  A user-friendly interface enables individuals of all technical backgrounds to begin searching immediately. In addition, advanced search filters enable technical users with experience in cybersecurity to define detailed search parameters.

Do you have to download anything or use a specific browser to use Beacon?

No. Beacon is a web-based application and can be used within a standard web browser.

Is Beacon safe to use?

Yes. With Beacon, you get aggregated data from deep and dark web sites without having to access the dark web yourself. This ensures you and your system are protected.

Can you see where Beacon goes to retrieve the information?

Yes, we always provide the original information for users to follow through if they choose.

Does your product show when a data breach took place?

Beacon shows which date the breach was disclosed on the sources we crawl. Often it is an evolving situation - the breach incident often takes place prior to the disclosure. So It really depends on which stage of the breach lifecycle the disclosure took place.

Are you able to remove the info you find from the dark web?

We specialize in helping our end users find the information quickly, safely, and effectively. Security teams action their risk management strategies based on the intelligence provided. The Beacon tool itself does not remove or edit posts.

Do I need TOR?

Yes and no. Beacon finds the data that pertains to your search parameters, and leads you to the parsed data associated with it, including any URLs accessible with a Tor browser. To follow any .onion links delivered on Beacon, you will need to use a Tor browser, however you will have a direct URL to the page containing the information you are looking for, as opposed to searching in the dark.

Why isn't TOR with a VPN enough?

You can use TOR combined with a VPN, however it is quite cumbersome. Using a search index through a data aggregator will speed up the process significantly. There is also some level of knowledge and skill involved in navigating these underground sites. Beacon adds an extra layer of security as well as speeding up the process.

On a webinar I saw that Beacon returns a hashed password, why is that?

Beacon will return a hashed password and/or a dehashed password if available. Both are important. Dehashed passwords (plain text passwords) are a larger concern, however password hashes may still be used to find commonly used passwords, as they may share the same hash, and the hashed password may still be reversed at some point by an attacker using cracking software.

If my company uses a password manager and change them regularly. Am I still at risk if my work email is involved in a data breach?

These are great steps to ensuring data privacy. They will get you about 80% of the way there. There is still potential for breached data, as 70% of attacks occur not through login credentials, but  security architecture vulnerabilities or inside threat actors.