Baobab Expands Deep Scan to detect confidential corporate information online

Berlin, March 03, 2026 – Baobab Insurance, a leading European provider of digital risk protection with an integrated prevention approach, is now integrating Dark Web Monitoring into its proven Deep Scan technology. With this move, the company offers its customers a proactive early warning system against one of the most common causes of ransomware attacks: the misuse of stolen identities.

Seamless Integration into Insurance Coverage

The new monitoring feature is now an integral part of the insurance offering for Cybersafe and E-Crime policies in Germany, Austria, and the Benelux countries. This makes Baobab Insurance one of the first providers in the European market to integrate the identification of stolen credentials into insurance coverage as a free preventive measure.

Systematic Prioritization of Data Leaks

A unique feature in the market is how Baobab Insurance directly correlates discovered credentials with the customer’s exposed infrastructure, such as VPN access, firewalls, or OWA portals. An alarm is triggered only when both the "key" (credential) and the "lock" (access point) are active—a level of precision that standard reporting tools do not offer.

Instead of treating all discovered data equally, Baobab utilizes a multi-stage validation process to specifically identify critical security risks. By focusing on credentials linked to business-critical systems and analyzing complex passwords—an indicator of active corporate accounts—Baobab helps organizations prioritize the greatest business risks. This approach avoids typical "alert fatigue," which is often caused by unfiltered mass reports and irrelevant or outdated data leaks.

If a critical discovery is made, both brokers and policyholders are alerted. Furthermore, Baobab's cybersecurity experts provide specific recommendations for action to increase corporate security.

"The decisive advantage for our customers is our reaction speed," explains Andrew Saula, Head of Cyber Risk & Incident Response at Baobab Insurance. "We contact the company before an attacker can use a stolen identity to penetrate a network. In other words: we provide insured companies with the information that their keys have been lost before the break-in even occurs."

Technological Excellence and Validation

As part of this new approach, Baobab combines Open-Source Intelligence (OSINT) with targeted monitoring of Darknet marketplaces and "Cloud of Logs" databases. To ensure warnings are relevant and to prevent alert fatigue, all findings undergo a multi-stage validation process:

  • Recency Check: Focus on current datasets from 2025/2026 with high active relevance.
  • Complexity Analysis: Filtering for strong, business-relevant passwords rather than short private passwords, serving as an indicator for active corporate accounts.
  • Correlation Check: Cross-referencing leaks with actually exposed login portals (VPN, OWA, firewalls) for precise risk classification.

With this expansion, Baobab Insurance underscores its ambition to be more than just financial backing in the event of a claim; it aims to sustainably strengthen the cyber resilience of the European SME sector and the high-end industrial sector as an active technology partner.

From Deep Scan to All-Round Protection

In the past, Baobab’s proprietary Deep Scan technology identified the digital infrastructure of companies 3.2 times more effectively than conventional scans. The technology identifies used software versions and automatically matches them with known vulnerabilities that frequently serve as gateways for ransomware. As a result, Baobab customers close security gaps 20 times faster than the market average, resolving vulnerabilities within the portfolio after an average of just three days.

The new update allows the technology to identify credentials circulating in the Darknet or public repositories—such as usernames and passwords—that are directly related to the insured company's domain. The relevance of this expansion is highlighted by current figures: for 54% of all ransomware victims, credentials had already been circulating in so-called "infostealer" logs on the Darknet prior to the actual attack. Through this new monitoring, Baobab Insurance eliminates a dangerous security risk.

Privacy and Security "by Design"

Despite the comprehensive analysis, privacy remains protected. In the interest of data minimization, no passwords are stored in plain text. Customers receive masked reports that only allow them to identify the affected account and the source of the leak, enabling them to initiate immediate countermeasures such as password resets.

About Baobab Insurance

Baobab Insurance is a managing general agent (MGA) for digital risks. Its product portfolio includes cyber insurance, an E-Crime product, and an IT liability policy for IT, software, technology, and telecommunications companies in Germany and Austria. A core component of the insurance service is continuous AI-based monitoring of cybersecurity. Together with the broadest partner network in the German market, Baobab also offers risk-relevant services such as phishing simulations and awareness training.

Baobab Insurance was founded in 2021 in Berlin and is active in the German and Austrian markets, as well as the Benelux countries as of November 2025.

For more information, visit: baobab.io.