About

Find, preempt, and disrupt
attacker infrastructure

We surface abusive domains and staging infrastructure before it reaches your perimeter, while helping security and brand teams investigate, score, and respond faster.

The problem

Attacks move at machine speed. Defenses should too.

The asymmetry keeps widening. Attackers automate infrastructure, identities, and campaigns while defenders triage alerts, chase registrars, and rebuild evidence packets from scratch.

Have I Been Squatted exists to close that gap by finding threatening infrastructure early and connecting detection to action.

Attacks automate faster than manual defense

Attackers spin up infrastructure, identities, and campaigns at machine speed. Defenders are stuck playing a game of whack-a-mole, triaging, escalating, and remediating manually. Knowing is not enough when acting is the bottleneck.

Abuse lives outside the perimeter

Lookalike domains, staging hosts, and certificate transparency (CT) artifacts appear in places that endpoint and network security tools were never built to monitor.

Weaponization keeps accelerating

Many abusive domains move from registration to active use within days, often within hours. Passive threat feeds arrive too late to preempt the damage.

The platform

One pipeline from signal to response

Domain, certificate, DNS, and hosting signals feed a unified workflow scored against your organization. The output is prioritized risk with evidence, takedown support, and integrations into mail and security tooling.

  1. Detect

    Infrastructure surfaced against your brand the moment it appears.

  2. Investigate

    Domains clustered into campaigns, attributed, and ready for casework.

  3. Disrupt

    Infrastructure taken down on your behalf, tracked through resolution.

Today

Trusted in production

Security and brand protection teams at logistics, financial services, media, and technology companies rely on the platform for continuous domain monitoring and coordinated response.

Published customer stories document faster takedowns, higher confidence in monitoring coverage, and less time spent assembling evidence by hand. The team also collaborates operationally with law enforcement on active abuse cases.

Read customer stories

Founded

Launched in 2022 after an early experiment on Hacker News, the product grew through self-serve adoption by practitioners who needed better domain intelligence without a heavyweight sales process.

Trusted by 700+ organizations

Arena Group logo
BBI Logistics logo
DEKRA logo
GIGS logo
Jane Street logo
Levata logo
Marlink logo
Outtake logo
Riverside logo
Sabio logo
ThreatConnect logo
ULA logo
Arena Group logo
BBI Logistics logo
DEKRA logo
GIGS logo
Jane Street logo
Levata logo
Marlink logo
Outtake logo
Riverside logo
Sabio logo
ThreatConnect logo
ULA logo
Arena Group logo
BBI Logistics logo
DEKRA logo
GIGS logo
Jane Street logo
Levata logo
Marlink logo
Outtake logo
Riverside logo
Sabio logo
ThreatConnect logo
ULA logo

Team

A decade of building security products

The founding team built application security and phishing simulation products together for years before Have I Been Squatted. They kept hitting the same wall. Infrastructure outside the perimeter moves faster than manual response, and this platform is built for evidence you can act on, speed that matches registration churn, and less busywork between alert and escalation.

Juxhin Dyrmishi Brigjaj

Founder, CEO

Security engineer specialising in application security, cybersecurity, and embedded systems.

Ian Muscat

Co-Founder, CPO

Security and cloud engineer with a background in DevSecOps and web platform infrastructure.

Charlie Kelly

Co-Founder, CCO

Incident response specialist with a background in threat intelligence and threat hunting.

Interested in joining? See open roles on the careers page.

View open roles

Fortify your brand security today

Join cybersecurity professionals who trust Have I Been Squatted to protect their brands from threats.