CyberPeace Institute
Fabien Leimgruber (Head of Cyber Resilience)
1. Can you briefly introduce your company and describe your role within the organization?
The CyberPeace Institute is an independent, neutral nonprofit organization based in Geneva, Switzerland. Its mission is to reduce the harms of cyberattacks on people and to ensure the rights of vulnerable communities are safeguarded in cyberspace. Through the CyberPeace Builders program, the Institute provides cybersecurity assistance, threat intelligence, incident response support, and resilience-building services to nonprofits worldwide.
As the Head of Cyber Resilience, I’m overseeing the CyberPeace Builders program and the training activities
2. What specific challenge or security concern prompted you to look for a cyber threat intelligence solution—particularly one focused on darknet monitoring?
Many of the nonprofits we support had no real way to know if they were being talked about or traded on darknet. They were essentially flying blind while still handling sensitive data and working in high-risk contexts. We were looking for a trusted partner that could give us clear visibility into darknet activity and help us turn that intelligence into concrete protection for nonprofits, without adding complexity or noise.
3. Which other solutions did you evaluate before choosing Kaduu, and what were the key criteria that influenced your final decision? If you dont want to share brands, please just focus on the second part of the question.
Our decision was driven by a few key points: the quality and relevance of the data, how reliable and consistent the collection was, how quickly we could move from “alert” to “action,” and whether volunteers from different companies could pick it up without long training. We prioritized a solution that was stable, practical in day-to-day operations, and clearly oriented toward real incidents rather than generic threat feeds. And of course our amazing relationship with Oliver!
4. Since adopting Kaduu, what aspects of the platform do you value most? Are there any features or workflows you feel could be improved?
What we value most is how easy Kaduu is for volunteers to use. People from different companies and backgrounds can log in and quickly understand what matters without needing long training. The alerts are relevant and focused, so analysts don’t waste time sorting through noise. On top of that, the API is a major strength for us: it lets us plug Kaduu’s findings directly into our internal incident pipelines so darknet intelligence becomes a natural part of how we triage, investigate, and respond for nonprofits.
5. How do you integrate Kaduu’s data into your internal processes or security environment? Do you have automations, alerts, or incident workflows connected to it?
We use Kaduu’s API to pull findings directly into our own tools. When an event is detected, it’s ingested, correlated, and turned into an alert inside our incident platform. From there, it appears alongside each nonprofit in their dedicated dashboard. This makes Kaduu’s data part of our standard incident flow instead of a separate, siloed feed.
6. Can you describe what typically happens inside your organization when Kaduu reports a new data leak or potential exposure?
When Kaduu flags a new leak or potential exposure, an analyst first validates the finding and assesses impact and urgency. We then contact the affected nonprofit, explain what was found in clear terms, and guide them through immediate steps such as credential resets, access reviews, or infrastructure changes. The data are also made available to nonprofits if they want to take direct action without our support and of course, If needed, we escalate it to volunteers with the right expertise.
7. Have you already identified data leaks or exposed credentials that could have posed a significant risk to your organization if they had been exploited?
Yes. We have seen exposed credentials and data that, if left unchecked, could have led to account takeover, lateral movement, or targeted attacks against staff and beneficiaries. In several cases, early detection allowed us to close gaps before there was any sign of active abuse. So thanks!
8. Would you recommend Kaduu to other companies? If yes, what would be your main reasons?
Yes, we would recommend Kaduu and we already did. The main reasons are that the intelligence is usable and it supports teams like ours that are trying to protect organizations with very limited resources. It helps us turn volunteer time into concrete risk reduction for nonprofits.
9. Is there anything else you would like to share about your experience with darknet monitoring or with Kaduu specifically?
Thanks for your support along all these years! You make a real difference
Your data might already be exposed. Most companies find out too late. Let ’s change that. Trusted by 100+ security teams.
🚀Ask for a demo NOW →Q: What is dark web monitoring?
A: Dark web monitoring is the process of tracking your organization’s data on hidden networks to detect leaked or stolen information such as passwords, credentials, or sensitive files shared by cybercriminals.
Q: How does dark web monitoring work?
A: Dark web monitoring works by scanning hidden sites and forums in real time to detect mentions of your data, credentials, or company information before cybercriminals can exploit them.
Q: Why use dark web monitoring?
A: Because it alerts you early when your data appears on the dark web, helping prevent breaches, fraud, and reputational damage before they escalate.
Q: Who needs dark web monitoring services?
A: MSSP and any organization that handles sensitive data, valuable assets, or customer information from small businesses to large enterprises benefits from dark web monitoring.
Q: What does it mean if your information is on the dark web?
A: It means your personal or company data has been exposed or stolen and could be used for fraud, identity theft, or unauthorized access immediate action is needed to protect yourselfsssss.