Details
1. Web Scanner (Enterprise & Community)
We've added a new section to the left menu - Explore Web Data. As of release 4.0, this section contains a new feature we're calling Web Scanner.
The Silent Push Web Scanner allows users to execute command line or constructor queries that interrogate our web content database and hunt for malicious websites impersonating their brand, or attempting to circumvent certificate transparency standards.
Web Scanner features 90+ field names available as input parameters, including (but not limited to) the following data:
- Body SSDeep
- Certificates
- HTML title
2. Query results displayed on the same page
Results and parameters have been combined into a single page as collapsible elements, for the following queries:
- Attack Surface Mapping > Digital Footprint for Domain > Hosting Infrastructure - IPs
- Attack Surface Mapping > Potential Vulnerabilities > Discover Shadow IT
This allows users to review query results, and if satisfied, expand the query section to save the recipe.
3. Enrichment: Curated Feeds History Timeline
Enrichment > Curated Feeds History now displays a visual timeline of an observable's presence within trusted threat feeds, along with a contextual menu containing further data:
