Contents x
      Release 3.3 (September 2023)
      • 18 Dec 2023
      • 1 Minute to read
      • Print
      • Dark
        Light
      Contents

      Release 3.3 (September 2023)

      • Updated on 18 Dec 2023
      • 1 Minute to read
      • Print
      • Dark
        Light
      Article summary

      Details

      Filtering via tag and feed/collection name (Threat Ranking)

      Users are now able to filter the Threat Ranking screen by tag and feed/collection name. Users are also able to filter by tag within Threat Ranking details.

      Query placement

      The Domain TXT Record query has been moved from Explore DNS data into Attack Surface Mapping > Digital Footprint for Domain

      The Dangling DNS Record Count query has been moved from Attack Surface Mapping > Digital Footprint for Domain into Attack Surface Mapping > Potential Vulnerabilities

      Query History

      We’ve added a new section into the left-hand menu called Query History, containing a filtered list of all queries a user has run in the previous 30 days, including the saved data. Fields include:

      • Query execution date
      • Job ID
      • Query type
      • Query URL
      • Status
      • Total results
      • Actions
      • Open S3 buckets

      If an enriched observable has any open S3 buckets associated with it, this data will be displayed in the Flags section of the Enrichment screen.

      Right-click functionality

      We’ve added right-click functionality to the Threat Intelligence Management section.

      New TXT record query

      We've added a query that provides a list of all servers authorized to send emails on behalf of a particular domain.

      The Name In TXT Records query appears under the Digital Threat Management section, utilizing a reverse TXT lookup that populates results on the Explore screen.

      Enhanced output/visualization for certificate, JARM, domain and favicon scans

      The following queries now output data on the Explore screen:

      • Domain Search
      • IPv4 scan data - certificates
      • IPv4 scan data - JARM
      • IPv4 scan data - favicon

      Each of the above queries now features enhanced data visualization that provide far greater context to a set of results, resulting in granular output that sheds even more light on a specific observable/IOC.

      Pivoting through ASN data

      The Attack Surface Mapping > Digital Footprint for Domain > Hosting Infrastructure ASN query now gives users the ability to one-click pivot through ASN data via the Domain Host ASN column, with data outputted in the Explore table. Left-clicking on the blue dot next to selected data will TEXT HERE

      Was this article helpful?
      What's Next