Changelog June 13, 2022

  • Announcement 
    • The Risks tab of ASI Projects has been officially depreciated. You can find similar features with improved performance in the Risk Rules tab
    • Self-Signed Certs can now be found as a Risk Rule named Hosts with Self-Signed SSL/TLS Certificates
    • Staging and Dev Subdomains can now be found as a Risk Rule named Development Infrastructure Exposure
    • Finally, Open Ports can now be found in the new Database Open Ports Risk Rule that has been updated to use ASI snapshots. It looks a little different than the previous two rules but it’s increased accuracy and confidence has improved thanks to its use of ASI snapshots

    Associated Domains with Subdomains

    Changelog February 14, 2022

    • NEW!A new template rule has been added to Attack Surface Intelligence. Using Associated Domains with Subdomains automatically populates projects with all hostnames related to your target company.

    Now it's possible to expand your Attack Surface analysis efforts by scanning not only the project's domain name and their associated domains, but also every subdomain associated with all the target's related domains.



    Changelog February 2, 2022

    Improvement Browser session timeout has been extended to a 6 hour session

    improvement Made some visual improvements to the on hover effects for application ports in Explorer Beta 

    bug fix Fixed an issue in with Explorer Beta that caused screenshots to sometimes not display a hostname


    ASR Technologies & IP-Blocks Downloads

    Happy Lunar New Year!

    We've been hard at work getting ready for some new features. Today we're releasing the following

    ASR Detailed Application View added to the Beta Explorer Screenshots page. Users with access to our Beta Explorer can begin testing out our new Detailed Application View by clicking on an item. Doing so will bring up a new modal with more detailed information on a given application

    IP-Blocks Downloads IP-Blocks downloads were completely reworked to improve the performance of the download operation. This is available once again inside SurfaceBrowser in the following path  /app/sb/domain/[domain]/ip-blocks

    Activity Heatmap has been added to surfaceBrowser /app/sb/domain/[domain]/activity

    Bug Fix We also fixed an issue with the subdomains endpoint that was not properly filtering the children_only query param

    Single Sign-On (SSO) Authentication!


    It's time again for a big announcement!

    We’re excited to announce our new SSO authentication system. This release includes Okta as the first integration for all SecurityTrails teams that utilize Okta for SSO.

    You can find all details on how to enable SSO in your account here.

    Stay tuned for more SSO integration announcements soon.

    Several UI Improvements!

    new ui improvements!

    It's time again for some exciting news! Several User Interface improvements were deployed and here's a summary of what's been done:
    • Updated SurfaceBrowser™ navigation to streamline exploratory items into "Browse"
    • New, fresh icons on the SurfaceBrowser™ home page
    • Updates to the Attack Surface Reduction nodes report nodes report

    New UI light/dark mode styling available

    ANNOUNCEMENTIt's time again for some very exciting news! 
    Whether you're a fan of light or dark mode, both options are available today in SecurityTrails™ Free App, ASR, SurfaceBrowser, and User Console.

    Easily configurable styling change is available at each page footer, after clicking the switch.


    Your preferences will be saved in your profile and can be changed anytime.

    New SecurityTrails™ SQL API

    announcement Exciting news!! Our new SQL API endpoint is launched.
    This replaces any prototype DSLv2 endpoints and is production-ready.  
    Please contact sales if you'd like to subscribe to it (it's not currently included in retail packages)

    You'll be able to:

    • Use SQL-like language to query our database in a very convenient and fast way.
    • Enjoy swift response times, with multiple fields to query our entire dataset (often under 50ms).
    • Obtain a JSON-formatted response for you to parse, transform and enhance the data.
    • Shape your query using our SurfaceBrowser SQL Explorer and use it in the API.


    Check these links for documentation, and a full reference or properties and operators.



    Release: May 19, 2020 - Company Acquisitions, Sub-organizations, Activity & More


    SurfaceBrowser

    announcement New Company Acquisitions page

    For each company you search for, there is a new section under "Associations" which includes and acquisitions that the company has completed and the date they completed it.

    To get there in SurfaceBrowser, search for a company in the top search bar and select "Mergers & Acquisitions" in the bottom left of the side navigation bar under "Associations".


    announcement  New “Suborganizations” page


    announcement New Activity page for a company 

    See new subdomains created in order of creation date.  This is a great view to understand what recent changes a company is making to the technologies they use. 

    To get there, inside of SurfaceBrowser, search for a company in the top search bar and then click "Activity" under the "Domain" section of the side navigation.


    improvement Better Company Searching

    Search for a partial keyword to see all companies that match using our custom ranking algorithm.

    To see it in action, search for a partial keyword - like "safe" in SurfaceBrowser, and then select the "More Results" link


    improvement  SSL box added to the IP summary page with more detailed information on certs

    improvement   Improved performance of the SSL tab on the company page when the number of certificates is huge

    improvement  The definitions of colors for WHOIS History on the company page are clarified

    improvement  New and improved downloads! Rebuilt from the ground up with improved performance, stability, and you can now download most filtered results

    fix  The Historical DNS table now has a sharable URL

    fix Improved the accuracy of the Stats page on the SecurityTrails website

    fix The Company page sidebar now correctly shows the count of SSL certs

    fix The Company summary page now hides cards with information that is currently unavailable


    API

    fix  Improved the consistency of empty records for the Domain Details endpoint. Null values are returned now, instead of empty JSON objects.


    Console

    fix The domain feed page would sometimes crash when selecting the historical feed, this bug is now fixed



    Show Previous EntriesShow Previous Entries