February 18, 2021 - HTTP headers, Teams and Documentation

With the new release we support ASR project sharing.  With this feature you are now able to collaborate on your projects with your colleagues. Further we added more data so that you can also query for the HTTP headers of our crawls. Also, a new documentation has been published.

SurfaceBrowser and ASR

announcement You can now query HTTP headers from the SQL explorer. Read more about it on our blog

announcement ASR project sharing support has been added for teams who want to collaborate on projects.

announcement We published a new documentation for SurfaceBrowser and ASR.

improvement All possible SQL operators have been added to documentation in the SQL explorer

improvement We added grouping of ports for selected WAFs and CDNs. This allows you to keep a better overview. This behavior can be deactivated in the settings.

Release January 6, 2020 - ASRv2

In this release we introduce ASRv2 - our attack surface reduction tool. It allows you to assess your attack surface accessible from the internet in one application. Our ASR user interface allows you to proactively monitor critical assets of your company.

Gather all possible information related to your company. This feature will bring all discovered hostnames such as the most common ones (like your web and mail server) plus additional ones that may exist or be forgotten. It allows you to look at and review your infrastructure from a different angle.

Get proactive alerts when your infrastructure changes are detected. This is especially useful to notice unwanted/malicious new configurations that could be silently made by error/misconfiguration or an attacker in control of your DNS zones.

Understand the different security risks that your company may be facing. It will provide you an additional insight of those services that could be harmful and should be reviewed.

Get a grasp of your internet-facing infrastructure by having a detailed inventory. ASR shows you selected services and configurations that could be intersting to understand your company's attack surface.

Test for Free
Test out ASRv2 and get an attack surface report for FREE!
Grab yours today: https://securitytrails.com/free-attack-surface-report

Release October 22, 2020 - Regex support for hostnames

With this release we added Regex support for the hostname to the preview version of SQL explorer.


improvement Regex (RLIKE) support was been added to the SQL syntax for the hostname

fix A bug in SQL has been fixed so that it is possible to query for anycast IPs


fix  We changed the response and response HTTP code for the domain search endpoint if the scroll parameter is set to true and no results are returned.

Release October 8, 2020 - Visual Improvements

With this release, we have been improving some design elements and adding a new parameter to the certificate transparency firehose endpoint.


improvement We added an end parameter to the certificate transparency firehose endpoint. Now it is possible to get certificate transparency log entries between two timestamps. 


improvement We improved some design elements to provide a better experience.

Release September 25, 2020 - More Downloads

With this release, we added more possibilities to export data shown in SurfaceBrowser and further improved the preview version of SQL explorer.


improvement Download possibilities were added to the WHOIS, Mergers & Acquisitions and Suborganizations page

improvement Many improvements have been made for the SQL explorer. Among others, we added support for ISO8601 timestamps and improved the NOT syntax. Also, we made user interface improvements.


improvement We added a search field to the navigation bar to easier access our data in your web browser.

Release September 10, 2020 - Host Page Improvement, Egress Activity

In this release we focused on improving the host page by adding additional information. Additionally we reintroduced the Egress Activity which shows whether we are aware of egress traffic from a specific IP or subnet.


improvement On the host page we show more data about crawls. Furthermore, we now also show WHOIS data and redirects on the hosts page.

improvement Egress activity has been reintroduced. It shows whether we are aware of egress traffic from an IP or subnet.

improvement On the Activity page the download possiblity has been added.

improvement On the SSL page of a company precertificates are marked as such. Also the SSL certificate detail page has been improved.

improvement Several improvements have been made on the preview version of SQL explorer such as renaming attributes and improving documentation.


improvement if-none-match header support has been added to the feed endpoints.

improvement Firehose and Feed endpoints do not count towards the quota anymore.

Release August 28, 2020 - Certificate Transparency Firehose, SSL Certificates, DMARC feed

With this release we added a new Certificate Transparency (CT) log firehose endpoint. It allows you to stream CT log entries we encountred. Additionally we also added a DMARC feed, which offer the latest new DMARC records. In SurfaceBrowser we added a new SSL Certificate Details page.


announcement We introduced a new firehose endpoint that streams Certificate Transparency log entries we encountered. This endpoint is available as an addon.

announcement A new DMARC feed endpoint is available. It allows to download new daily DMARC entries. This endpoint is available as an addon.

  fix  Some content-type headers have been adjusted to reflect the type of data they are returning.


announcement A new SSL certificate detail page has been introduced, which allows the users to view the contents of the certificate.

improvement The activity page has been updated to include additional information about the hostname.

fix We resolved an issue where certain search terms generated an error.

fix Various issues for SQL have been resolved and improvements have been made, such as more examples have been added.

Release August 14, 2020 - Hosting History visualization, Associated Domains

With this release, a new visualization that helps to understand where a domain has been hosted has been released. Additionally, we make a new version of associated domains available to interested customers. The last big change of this release is that visitors are now required to login to see additional data. 


announcement We are happy to announce that we are able to release the next version of our associated domains algorithm as a preview to interested customers. If you are interested in trying out the next version, please contact support.

improvement The IP search endpoint now also returns the ports attribute even if we have not detected an open port.


announcement We have introduced a new visualization on the host DNS history page to better understand where a domain has been hosted.

improvement We added the tags, we introduced in the last release, to the activity page.

improvement We added the possibility to download the results to the SSL certificates page and to the Domains Modal on the IP blocks page.

Improvement: On the IP page we now show if we have detected that an IP is anycast.

improvement On multiple pages we have changed the sorting algorithm so that more popular hostnames and domains are shown first.

improvement In the preview SQL explorer feature we improved usability. It is now possible to send the query by pressing CTRL+Enter. Also, an anycast flag and open page rank has been added to the queriable data.

improvement It is now possible to see the latest release notes on the homepage of SurfaceBrowser.

fix Multiple issues with our 2-Factor Authentication implementation have been resolved.


announcement The website now requires you to login to view more data.

Show Previous EntriesShow Previous Entries