Single Sign-On (SSO) Authentication!

It's time again for a big announcement!

We’re excited to announce our new SSO authentication system. This release includes Okta as the first integration for all SecurityTrails teams that utilize Okta for SSO.

You can find all details on how to enable SSO in your account here.

Stay tuned for more SSO integration announcements soon.

Several UI Improvements!

new ui improvements!

It's time again for some exciting news! Several User Interface improvements were deployed and here's a summary of what's been done:
  • Updated SurfaceBrowser™ navigation to streamline exploratory items into "Browse"
  • New, fresh icons on the SurfaceBrowser™ home page
  • Updates to the Attack Surface Reduction nodes report nodes report

New UI light/dark mode styling available

ANNOUNCEMENTIt's time again for some very exciting news! 
Whether you're a fan of light or dark mode, both options are available today in SecurityTrails™ Free App, ASR, SurfaceBrowser, and User Console.

Easily configurable styling change is available at each page footer, after clicking the switch.

Your preferences will be saved in your profile and can be changed anytime.

New SecurityTrails™ SQL API

announcement Exciting news!! Our new SQL API endpoint is launched.
This replaces any prototype DSLv2 endpoints and is production-ready.  
Please contact sales if you'd like to subscribe to it (it's not currently included in retail packages)

You'll be able to:

  • Use SQL-like language to query our database in a very convenient and fast way.
  • Enjoy swift response times, with multiple fields to query our entire dataset (often under 50ms).
  • Obtain a JSON-formatted response for you to parse, transform and enhance the data.
  • Shape your query using our SurfaceBrowser SQL Explorer and use it in the API.

Check these links for documentation, and a full reference or properties and operators.

April 6, 2021 - New ASR summary

announcement The summary page in ASR has been updated to include more data

improvement A new setting has been added to enable/disable compression for downloads.
improvement The SQL has been updated. Several boolean values (is_anycast, is_local and is_bogon) have been corrected and the JARM value is now available as ip.jarm
fix A bug on the DNS history page has been resolved that caused inaccurate results.

March 17, 2021 - SQL updates

We released some changes to the SQL query language.

improvement We changed the timestamp format in the responses from UNIX timestamps to ISO8601
improvement We added the most recent DNS response history to the host table
improvement We added JARM fingerprints to the IP table

February 18, 2021 - HTTP headers, Teams and Documentation

With the new release we support ASR project sharing.  With this feature you are now able to collaborate on your projects with your colleagues. Further we added more data so that you can also query for the HTTP headers of our crawls. Also, a new documentation has been published.

SurfaceBrowser and ASR

announcement You can now query HTTP headers from the SQL explorer. Read more about it on our blog

announcement ASR project sharing support has been added for teams who want to collaborate on projects.

announcement We published a new documentation for SurfaceBrowser and ASR.

improvement All possible SQL operators have been added to documentation in the SQL explorer

improvement We added grouping of ports for selected WAFs and CDNs. This allows you to keep a better overview. This behavior can be deactivated in the settings.

Release January 6, 2020 - ASRv2

In this release we introduce ASRv2 - our attack surface reduction tool. It allows you to assess your attack surface accessible from the internet in one application. Our ASR user interface allows you to proactively monitor critical assets of your company.

Gather all possible information related to your company. This feature will bring all discovered hostnames such as the most common ones (like your web and mail server) plus additional ones that may exist or be forgotten. It allows you to look at and review your infrastructure from a different angle.

Get proactive alerts when your infrastructure changes are detected. This is especially useful to notice unwanted/malicious new configurations that could be silently made by error/misconfiguration or an attacker in control of your DNS zones.

Understand the different security risks that your company may be facing. It will provide you an additional insight of those services that could be harmful and should be reviewed.

Get a grasp of your internet-facing infrastructure by having a detailed inventory. ASR shows you selected services and configurations that could be intersting to understand your company's attack surface.

Test for Free
Test out ASRv2 and get an attack surface report for FREE!
Grab yours today:

Show Previous EntriesShow Previous Entries