March 17, 2021 - SQL updates

We released some changes to the SQL query language.

improvement We changed the timestamp format in the responses from UNIX timestamps to ISO8601
improvement We added the most recent DNS response history to the host table
improvement We added JARM fingerprints to the IP table

February 18, 2021 - HTTP headers, Teams and Documentation

With the new release we support ASR project sharing.  With this feature you are now able to collaborate on your projects with your colleagues. Further we added more data so that you can also query for the HTTP headers of our crawls. Also, a new documentation has been published.

SurfaceBrowser and ASR

announcement You can now query HTTP headers from the SQL explorer. Read more about it on our blog

announcement ASR project sharing support has been added for teams who want to collaborate on projects.

announcement We published a new documentation for SurfaceBrowser and ASR.

improvement All possible SQL operators have been added to documentation in the SQL explorer

improvement We added grouping of ports for selected WAFs and CDNs. This allows you to keep a better overview. This behavior can be deactivated in the settings.


Release January 6, 2020 - ASRv2

In this release we introduce ASRv2 - our attack surface reduction tool. It allows you to assess your attack surface accessible from the internet in one application. Our ASR user interface allows you to proactively monitor critical assets of your company.

Explore
Gather all possible information related to your company. This feature will bring all discovered hostnames such as the most common ones (like your web and mail server) plus additional ones that may exist or be forgotten. It allows you to look at and review your infrastructure from a different angle.

Alerts
Get proactive alerts when your infrastructure changes are detected. This is especially useful to notice unwanted/malicious new configurations that could be silently made by error/misconfiguration or an attacker in control of your DNS zones.

Risks
Understand the different security risks that your company may be facing. It will provide you an additional insight of those services that could be harmful and should be reviewed.

Inventory
Get a grasp of your internet-facing infrastructure by having a detailed inventory. ASR shows you selected services and configurations that could be intersting to understand your company's attack surface.

Test for Free
Test out ASRv2 and get an attack surface report for FREE!
Grab yours today: https://securitytrails.com/free-attack-surface-report

Release October 22, 2020 - Regex support for hostnames

With this release we added Regex support for the hostname to the preview version of SQL explorer.

SurfaceBrowser

improvement Regex (RLIKE) support was been added to the SQL syntax for the hostname

fix A bug in SQL has been fixed so that it is possible to query for anycast IPs

API

fix  We changed the response and response HTTP code for the domain search endpoint if the scroll parameter is set to true and no results are returned.


Release October 8, 2020 - Visual Improvements

With this release, we have been improving some design elements and adding a new parameter to the certificate transparency firehose endpoint.

API

improvement We added an end parameter to the certificate transparency firehose endpoint. Now it is possible to get certificate transparency log entries between two timestamps. 

Free/SB:

improvement We improved some design elements to provide a better experience.

Release September 25, 2020 - More Downloads

With this release, we added more possibilities to export data shown in SurfaceBrowser and further improved the preview version of SQL explorer.

SurfaceBrowser

improvement Download possibilities were added to the WHOIS, Mergers & Acquisitions and Suborganizations page

improvement Many improvements have been made for the SQL explorer. Among others, we added support for ISO8601 timestamps and improved the NOT syntax. Also, we made user interface improvements.

Console

improvement We added a search field to the navigation bar to easier access our data in your web browser.

Release September 10, 2020 - Host Page Improvement, Egress Activity

In this release we focused on improving the host page by adding additional information. Additionally we reintroduced the Egress Activity which shows whether we are aware of egress traffic from a specific IP or subnet.

SurfaceBrowser

improvement On the host page we show more data about crawls. Furthermore, we now also show WHOIS data and redirects on the hosts page.

improvement Egress activity has been reintroduced. It shows whether we are aware of egress traffic from an IP or subnet.

improvement On the Activity page the download possiblity has been added.

improvement On the SSL page of a company precertificates are marked as such. Also the SSL certificate detail page has been improved.

improvement Several improvements have been made on the preview version of SQL explorer such as renaming attributes and improving documentation.

API

improvement if-none-match header support has been added to the feed endpoints.

improvement Firehose and Feed endpoints do not count towards the quota anymore.



Release August 28, 2020 - Certificate Transparency Firehose, SSL Certificates, DMARC feed

With this release we added a new Certificate Transparency (CT) log firehose endpoint. It allows you to stream CT log entries we encountred. Additionally we also added a DMARC feed, which offer the latest new DMARC records. In SurfaceBrowser we added a new SSL Certificate Details page.

API

announcement We introduced a new firehose endpoint that streams Certificate Transparency log entries we encountered. This endpoint is available as an addon.

announcement A new DMARC feed endpoint is available. It allows to download new daily DMARC entries. This endpoint is available as an addon.

  fix  Some content-type headers have been adjusted to reflect the type of data they are returning.

SurfaceBrowser

announcement A new SSL certificate detail page has been introduced, which allows the users to view the contents of the certificate.

improvement The activity page has been updated to include additional information about the hostname.

fix We resolved an issue where certain search terms generated an error.

fix Various issues for SQL have been resolved and improvements have been made, such as more examples have been added.

Show Previous EntriesShow Previous Entries