Changelog April 27, 2022

  • improvement Added the Country filter to the ASR Explorer
  • improvement  Grouped ports tooltip should now work properly with the screenshot icon
  • improvement  Grouped ports tooltip is now scrollable in the explorer
  • improvement  Clicking the number on Hosts by Geography now filters the Explorer page by country
  • fix  Added DOS protections to the signup form
  • fix Fixed the alignment of the loading text in SurfaceBrowser
  • improvement  Improved the no records text color in the Free App and Console
  • improvement  Fixed some slight layout issues on the console page

Changelog April 20, 2022


  • announcement Risk Rules details modal has been improved significantly with lots of additional information on technologies, screenshots, risk rule counts, and more
  • announcement Risk Rules reference links. Learn more details about each individual risk with the reference links
  • announcement Export Risk Rules Issues and risk Rule Hosts is now supported
  • announcement un-defanging is now supported in SurfaceBrowser and Console IP search. Anything other than a number and a period will be stripped out from an IP search
  • announcement To improve performance of IP searches in ASI, the search field now adds a dynamic placeholder if the current string is possibly IPv4 IP address
  • announcement Removed the “Beta” tag from the Risk Rules tab
  • announcement Added a new error messaging field in ES to support new verbose error messages in ASI
  • improvement Improved the SurfaceBrowser page pre-loaders to improve page load times and reduce spinning
  • improvement Added Recorded Future SSO hooks signature matching
  • fix WHOIS SQL now bypasses short org (4 letter) names
  • fix Fixed an issue where the incorrect technology icon for F5 BigIP Reverse Proxy would display in the ASI details module
  • fix Fixed an issue with the query in the SQL editor not being clear when you click on the SQL button in SurfaceBrowser
  • fix Fixed a layout issue for error messages in SurfaceBrowser presenting with extra padding
  • fix SurfaceBrowser or console search should no longer send the user to a blank page and trip a console error when searching for an invalid domain
  • fixFixed some layout issues on the SurfaceBrowser IP page
    • Notably the /p2p and /devices pages
  • fix Fixed an issue where the header logo turns unreadable when using dark mode on user logout. The SecurityTrails logo should now remain readable

Changelog March 14, 2022

  • announcement Risk Rules Beta is now available
  • announcement Single Sign-on for Recorded Future accounts is now live
  • fix Fixed a bad clearbit logo result for Sitefinity and Microsoft ASPNET queries
  • fix Fixed an issue that could cause screenshots to fail to appear when too many were requested at once. We’ve updated the endpoint to better handle scaling
  • fix Fixed an issue that caused some 0 byte images to be used as screenshots. We’ve removed those images from our backend and put in protections to prevent that from happening again
  • fix Fixed an issue that could break the screenshot endpoint if it was missing a thumbnail

Changelog February 24, 2022

  • announcement Added Lazyload to the way we call the screenshot endpoint. This should reduce client load when trying to view screenshots in ASI
  • improvement Implemented use of thumbnails for screenshots in ASI to reduce client load time
  • fix Fixed an issue with the CSV format in downloads for ASI. The bug was causing downloads to get stuck

Associated Domains with Subdomains

Changelog February 14, 2022

  • NEW!A new template rule has been added to Attack Surface Intelligence. Using Associated Domains with Subdomains automatically populates projects with all hostnames related to your target company.

Now it's possible to expand your Attack Surface analysis efforts by scanning not only the project's domain name and their associated domains, but also every subdomain associated with all the target's related domains.



Changelog February 2, 2022

Improvement Browser session timeout has been extended to a 6 hour session

improvement Made some visual improvements to the on hover effects for application ports in Explorer Beta 

bug fix Fixed an issue in with Explorer Beta that caused screenshots to sometimes not display a hostname


ASR Technologies & IP-Blocks Downloads

Happy Lunar New Year!

We've been hard at work getting ready for some new features. Today we're releasing the following

ASR Detailed Application View added to the Beta Explorer Screenshots page. Users with access to our Beta Explorer can begin testing out our new Detailed Application View by clicking on an item. Doing so will bring up a new modal with more detailed information on a given application

IP-Blocks Downloads IP-Blocks downloads were completely reworked to improve the performance of the download operation. This is available once again inside SurfaceBrowser in the following path  /app/sb/domain/[domain]/ip-blocks

Activity Heatmap has been added to surfaceBrowser /app/sb/domain/[domain]/activity

Bug Fix We also fixed an issue with the subdomains endpoint that was not properly filtering the children_only query param

Single Sign-On (SSO) Authentication!


It's time again for a big announcement!

We’re excited to announce our new SSO authentication system. This release includes Okta as the first integration for all SecurityTrails teams that utilize Okta for SSO.

You can find all details on how to enable SSO in your account here.

Stay tuned for more SSO integration announcements soon.

Several UI Improvements!

new ui improvements!

It's time again for some exciting news! Several User Interface improvements were deployed and here's a summary of what's been done:
  • Updated SurfaceBrowser™ navigation to streamline exploratory items into "Browse"
  • New, fresh icons on the SurfaceBrowser™ home page
  • Updates to the Attack Surface Reduction nodes report nodes report

Show Previous EntriesShow Previous Entries