30+ sources. Three tiers.
CIA-grade coverage.

New repos, commits, releases, stars. Reveals tech stack decisions, open-source bets, and release cadence before press coverage.

Open roles across major ATS platforms. Hiring patterns reveal product bets, market expansion, and team growth before any announcement.

Real-time news search for company mentions, product launches, funding rounds, and executive changes.

Detects copy changes, new page sections, and layout shifts on competitor websites.

10-K, 10-Q, 8-K, S-1 filings. Revenue figures, risk disclosures, new business lines, executive compensation.

New patent applications and grants. Reveals R&D direction 12-24 months before product release.

Brand mentions, customer complaints, community sentiment. Early signal of product problems or viral moments.

Competitor launches and related products. Often the first public signal of a new product or pivot.

Model uploads and fine-tunes. Early signal of AI strategy and upcoming ML-powered features.

Version updates, changelogs, rating changes. App updates telegraph backend changes and new features.

New trademark filings. Often precede product launches, rebrandings, or new market categories.

Customer sentiment on public review platforms. Feature gaps and support complaints surface before earnings calls.

TLS cert issuance monitoring. New certs for internal subdomains or staging envs reveal stealth projects — publicly logged.

Passively maps competitor subdomains. Strategic subdomains (api2, beta, staging, checkout) signal product expansion.

Maps open ports, exposed services, cloud providers, TLS certs, and known CVEs. Reveals tech stack and security posture.

Checks 25 bucket naming patterns for public accessibility. Publicly listable buckets can expose build artifacts and internal docs.

Searches public repos for accidental internal domain references, unreleased feature keywords, and new repos. Catches roadmap hints.

Scans public paste sites for accidental data exposure — API keys, internal URLs, database strings, credentials.

Checks if competitor domains appear in known data breaches. Reveals security maturity and customer trust vulnerabilities.

Federal and state court dockets for competitor lawsuits. Case type, parties, financial figures — legal risk made visible.

Tracks hiring acceleration and deceleration by department over time. A 3x spike in ML engineers is a stronger signal than any press release.

Detects pricing page changes using content fingerprinting and Wayback diffs. Price increases and new tiers flagged immediately.

Monitors public posts about new hires, departures, and conference talks. Executive movement often precedes pivots.

Tracks follower growth, new posts, and company page updates. Follower acceleration is an early indicator of brand momentum or launch activity. Brave Search API key recommended for reliable results; falls back to direct scraping without it.

Compares current pages against archived snapshots to show exactly what changed — removed features, new positioning, killed pages.

Active ad creatives, spend estimates, messaging angles. Reveals campaign focus areas and growth channels.

Monitors 100+ ransomware group leak sites (LockBit, ALPHV, Cl0p, Black Basta, etc.) for company mentions. If a competitor is listed, it means they've been breached and their data is about to go public. Standard practice at Recorded Future, Mandiant, Digital Shadows.

Indexes publicly exposed databases, open Redis/MongoDB/Elasticsearch instances, and infrastructure misconfigurations found via internet-wide scanning. A hit means live exposed data accessible right now.

Maps the company's entire IP address space, autonomous system ownership, and peering relationships. Identifies cloud vs. owned infrastructure and geographic expansion via new IP prefixes.

Automated advanced search queries (filetype:env, inurl:admin, "index of /", open directories, credentials on paste sites) against the target domain. Finds publicly indexed sensitive content search engines have already crawled. Brave Search API key recommended for higher rate limits; falls back to DuckDuckGo without it.

DeHashed searches breach databases for employee credential exposure by domain — plaintext passwords, hashed credentials, affected emails. IntelligenceX extends this to dark web archives, Tor hidden service mentions, and paste site history going back years.