News & Release Notes

Improvements to Discover and Defacement Monitoring

An update focused on reducing noise and expanding compatibility for web monitoring.

• Discover: fixed an issue that caused recurring false change detections.
• Defacement: rules now support protocol (HTTP/HTTPS), IP and port to cover assets that require HTTPS or specific services.

More monitoring context and a new alert timeline view

Improvements to understand why findings happen and to visualize changes more clearly.

• Monitoring: details now show whether a domain appears in a feed, the report reason, and the originating feed.
• Also available in Alerts and Hunting to speed up investigation.
• Alerts: updated timeline view to make changes easier to review.

New module: Defacement Monitoring

Monitor website integrity and detect unauthorized content changes to speed up response and restoration.

OPS API — end-to-end operations automation

A new API designed to automate brand protection and digital fraud workflows: from detection and classification to management and tracking.

• Consistent filters and states for SOAR, SIEM and ITSM integrations.
• Support for operational management: alerts, monitoring and actions.

Deep Scan: indicator extraction from HTML

A new capability in Monitoring and Alerts (Deep Scan) that analyzes HTML to extract relevant elements and technical indicators (for example, endpoints, links, forms or redirects). Extracted elements may include Telegram endpoints or other services.

Detection rule exceptions

You can now define exceptions using exact matches or regular expressions to reduce false positives and tailor detection to your environment.

New module: Zero Scam SSL

A new detection module focused on SSL signals and configurations associated with fraud, expanding coverage and speeding up triage.