Changelog June 30, 2022

  • fix Now translate punycode to unicode in the SQL query responses
  • fix Removed Top Level Domains (TLDs) from Feeds
  • fix Fixed an issue that caused the dropdown menu for Risk Rules filters to be disabled if a Rule by Issue was expanded
  • fix Fixed an issue that caused the SurfaceBrowser app to freeze when searching for a keyword instead of a valid domain
  • fix ASI rule templates now properly translate unicode into punycode for the backend to process

Changelog Jun 23, 2022

  • fix  Permanently fixed the more links in the ASI demo ASI dashboard boxes. They no longer head to the now defunct Risks tab
  • fix ASI pages should now automatically convert punycode into human readable unicode
  • fix SSO stability fix

Changelog June 13, 2022

  • Announcement 
    • The Risks tab of ASI Projects has been officially depreciated. You can find similar features with improved performance in the Risk Rules tab
    • Self-Signed Certs can now be found as a Risk Rule named Hosts with Self-Signed SSL/TLS Certificates
    • Staging and Dev Subdomains can now be found as a Risk Rule named Development Infrastructure Exposure
    • Finally, Open Ports can now be found in the new Database Open Ports Risk Rule that has been updated to use ASI snapshots. It looks a little different than the previous two rules but it’s increased accuracy and confidence has improved thanks to its use of ASI snapshots

    Changelog May 23, 2022

    • [New] Risks Filters offering increased granular control over Risk Rules
    • [New] Legacy Risks in ASI
    • [Bug Fix] Download status checks are now paused based on the visibility of the browser window/tab to reduce polling
    • [Bug Fix] In SurfaceBrowser Associated Domains, the (?) icon now has improved line-break wrapping
    • [Bug Fix] Fixed an issue with IP stats data fetching that was causing frequent Application Errors in SurfaceBrowser

    Changelog April 27, 2022

    • improvement Added the Country filter to the ASR Explorer
    • improvement  Grouped ports tooltip should now work properly with the screenshot icon
    • improvement  Grouped ports tooltip is now scrollable in the explorer
    • improvement  Clicking the number on Hosts by Geography now filters the Explorer page by country
    • fix  Added DOS protections to the signup form
    • fix Fixed the alignment of the loading text in SurfaceBrowser
    • improvement  Improved the no records text color in the Free App and Console
    • improvement  Fixed some slight layout issues on the console page

    Changelog April 20, 2022


    • announcement Risk Rules details modal has been improved significantly with lots of additional information on technologies, screenshots, risk rule counts, and more
    • announcement Risk Rules reference links. Learn more details about each individual risk with the reference links
    • announcement Export Risk Rules Issues and risk Rule Hosts is now supported
    • announcement un-defanging is now supported in SurfaceBrowser and Console IP search. Anything other than a number and a period will be stripped out from an IP search
    • announcement To improve performance of IP searches in ASI, the search field now adds a dynamic placeholder if the current string is possibly IPv4 IP address
    • announcement Removed the “Beta” tag from the Risk Rules tab
    • announcement Added a new error messaging field in ES to support new verbose error messages in ASI
    • improvement Improved the SurfaceBrowser page pre-loaders to improve page load times and reduce spinning
    • improvement Added Recorded Future SSO hooks signature matching
    • fix WHOIS SQL now bypasses short org (4 letter) names
    • fix Fixed an issue where the incorrect technology icon for F5 BigIP Reverse Proxy would display in the ASI details module
    • fix Fixed an issue with the query in the SQL editor not being clear when you click on the SQL button in SurfaceBrowser
    • fix Fixed a layout issue for error messages in SurfaceBrowser presenting with extra padding
    • fix SurfaceBrowser or console search should no longer send the user to a blank page and trip a console error when searching for an invalid domain
    • fixFixed some layout issues on the SurfaceBrowser IP page
      • Notably the /p2p and /devices pages
    • fix Fixed an issue where the header logo turns unreadable when using dark mode on user logout. The SecurityTrails logo should now remain readable

    Changelog March 14, 2022

    • announcement Risk Rules Beta is now available
    • announcement Single Sign-on for Recorded Future accounts is now live
    • fix Fixed a bad clearbit logo result for Sitefinity and Microsoft ASPNET queries
    • fix Fixed an issue that could cause screenshots to fail to appear when too many were requested at once. We’ve updated the endpoint to better handle scaling
    • fix Fixed an issue that caused some 0 byte images to be used as screenshots. We’ve removed those images from our backend and put in protections to prevent that from happening again
    • fix Fixed an issue that could break the screenshot endpoint if it was missing a thumbnail

    Changelog February 24, 2022

    • announcement Added Lazyload to the way we call the screenshot endpoint. This should reduce client load when trying to view screenshots in ASI
    • improvement Implemented use of thumbnails for screenshots in ASI to reduce client load time
    • fix Fixed an issue with the CSV format in downloads for ASI. The bug was causing downloads to get stuck

    Associated Domains with Subdomains

    Changelog February 14, 2022

    • NEW!A new template rule has been added to Attack Surface Intelligence. Using Associated Domains with Subdomains automatically populates projects with all hostnames related to your target company.

    Now it's possible to expand your Attack Surface analysis efforts by scanning not only the project's domain name and their associated domains, but also every subdomain associated with all the target's related domains.



    Show Previous EntriesShow Previous Entries