AiT Darkweb MonitorRun by Manny — your darkweb radar

Alert delivery

6 mock destinations. Routing is severity-floor + escalation chain.

  • Slack#sec-darkweb-critical
    live
    Floorcritical
    Targetslack://workspace/example-corp/#sec-darkweb-critical
    Escalation

    Manny -> SOC L1 (immediate) -> SecOps Lead (15m)

  • Slack#sec-darkweb-feed
    live
    Floorlow
    Targetslack://workspace/example-corp/#sec-darkweb-feed
    Escalation

    Feed-only; no escalation.

  • Emailsoc-distro@example.com
    live
    Floorhigh
    Targetmailto:soc-distro@example.com
    Escalation

    Distribution list; auto-ticket if unread > 30m.

  • ServiceNowServiceNow — SOC queue
    live
    Floorhigh
    Targethttps://example-corp.service-now.com/api/incident
    Escalation

    Auto-INC at high+; assign group SOC-L2.

  • MS TeamsTeams — Exec briefings
    live
    Floorcritical
    Targethttps://example.webhook.office.com/REDACTED
    Escalation

    Exec channel; criticals only; CFO/CEO tagged.

  • PagerDutyPagerDuty — DarkWeb on-call
    paused
    Floorcritical
    Targethttps://events.pagerduty.com/REDACTED
    Escalation

    P1 page on critical; rotates SOC primary -> secondary at 15m.