Solar inRights 3.11 Automatically Blocks Corporate Accounts Whose Passwords Appear in Dark Web Leaks
GC Solar has released Solar inRights 3.11, the latest version of its identity and access management solution that can automatically detect and neutralize corporate credentials exposed in data breaches and dark web dumps.
The system is now tightly integrated with the company’s Solar AURA external-threat monitoring service. Solar AURA continuously scans open sources and the dark web for employee login-password combinations; when matches are found, Solar inRights checks whether those same credentials are still valid inside the organization’s internal systems.
If a leaked pair is confirmed as active, the platform immediately blocks the account and notifies the information-security team, dramatically shortening the window between credential exposure and remediation.
The real-world attack scenario is straightforward: an employee reuses a corporate email address and a familiar password on an external website; that site is later breached, the credentials appear on underground forums, and an attacker tests them against the company’s VPN, mail, or cloud portals. Because the login looks legitimate, traditional perimeter defenses often fail to stop it.
According to Solar’s research, one large Russian organization had more than 600 unique corporate accounts circulating in public and shadow sources at any given time. Only around 4 percent of those records directly pointed to an ongoing infrastructure compromise, yet the remainder remain dangerous because of widespread password reuse.
Supporting statistics from Yandex Cloud show that the use of valid stolen credentials featured in 54 percent of more than 25,000 attack attempts against cloud and hybrid infrastructures during the first half of 2025.
Before the automated workflow introduced in version 3.11, security teams often had to correlate dark-web findings with internal directories manually, allowing days or weeks to pass between discovery and blocking. The new release aims to reduce that interval to a minimum.
In addition to the leak-response capability, Solar inRights 3.11 includes enhancements to search functions, request filters, and pre-built integration templates for Active Directory, Exchange, and 1C.
The core value of the update, however, lies in its proactive stance: the password may never be used because the door is already closed.