- 18 Dec 2023
- 1 Minute to read
- Print
- DarkLight
Release 3.3 (September 2023)
- Updated on 18 Dec 2023
- 1 Minute to read
- Print
- DarkLight
Details
Filtering via tag and feed/collection name (Threat Ranking)
Users are now able to filter the Threat Ranking
screen by tag and feed/collection name. Users are also able to filter by tag within Threat Ranking
details.
Query placement
The Domain TXT Record
query has been moved from Explore DNS data into Attack Surface Mapping > Digital Footprint for Domain
The Dangling DNS Record Count
query has been moved from Attack Surface Mapping > Digital Footprint for Domain
into Attack Surface Mapping > Potential Vulnerabilities
Query History
We’ve added a new section into the left-hand menu called Query History
, containing a filtered list of all queries a user has run in the previous 30 days, including the saved data. Fields include:
- Query execution date
- Job ID
- Query type
- Query URL
- Status
- Total results
- Actions
- Open S3 buckets
If an enriched observable has any open S3 buckets associated with it, this data will be displayed in the Flags section of the Enrichment screen.
Right-click functionality
We’ve added right-click functionality to the Threat Intelligence Management
section.
New TXT record query
We've added a query that provides a list of all servers authorized to send emails on behalf of a particular domain.
The Name In TXT Records
query appears under the Digital Threat Management
section, utilizing a reverse TXT lookup that populates results on the Explore
screen.
Enhanced output/visualization for certificate, JARM, domain and favicon scans
The following queries now output data on the Explore screen:
Domain Search
IPv4 scan data - certificates
IPv4 scan data - JARM
IPv4 scan data - favicon
Each of the above queries now features enhanced data visualization that provide far greater context to a set of results, resulting in granular output that sheds even more light on a specific observable/IOC.
Pivoting through ASN data
The Attack Surface Mapping > Digital Footprint for Domain > Hosting Infrastructure ASN
query now gives users the ability to one-click pivot through ASN data via the Domain Host ASN column, with data outputted in the Explore table. Left-clicking on the blue dot next to selected data will TEXT HERE