Flare, a provider of threat exposure management, has launched Identity Exposure Management (IEM), which is designed to prevent exposed identities from causing large-scale incidents.
Every hour that exposed accounts go unaddressed intensifies the risk of a breach. Verizon’s DBIR 2025 report found that stolen credentials were involved in 88% of web application attacks. Moreover, the average e-crime breakout time is just 48 minutes, according to CrowdStrike’s 2025 Global Threat Report. This stems from Infostealer Malware-as-a-Service growth, which has lowered the barrier of entry for attacks.
Close to 50 million breached identities are traded across Telegram and dark web channels weekly, providing attackers with endless opportunities to conduct account takeovers. Adversaries collect credentials and browser data through infostealer malware, making it relatively easy to bypass MFA and hijack organizations.
“Many of the largest breaches in recent years stem from attackers simply logging in,” said Nick Ascoli, director of product strategy at Flare. “At any moment, a newly exposed account represents one of the most critical risks to an organization. Detecting and remediating these exposures before attackers exploit them is mission-critical.”
Identity Exposure Management builds on the success of Flare’s integration with Entra ID and manual credential validation capabilities. This workflow helped teams test thousands of leaked credentials across the dark web and stealer logs, resulting in a ~2% true positive rate, and averted critical incidents worth millions in avoided breach costs. Identity Exposure Management closes the loop with fully automated validation and remediation within a customer’s Entra ID environment, shrinking dwell time from days or weeks to seconds.
“With Identity Exposure Management, we’re giving security teams the ability to act, not just alert,” said Serge-Olivier Paquette, chief product officer at Flare. “Our customers already use Flare to validate thousands of leaked credentials. Now, they can eliminate the threat entirely, before attackers ever have a chance to log in.”
In addition to automation, Identity Exposure Management delivers new visibility and context with Identity Profiles and Blast Radius features. Customers can enrich each discovered exposure with context on the user, related incidents, and potential attack pathways, strengthening posture after the threat has been remediated.