SecurityTrails has taken in this sense of resilience and purposefulness generated by the perilous nature of 2021. We’re celebrating this year’s innumerable gains in providing our customers with proprietary solutions to secure their IT infrastructure and mitigate cyber risk.
Some of our biggest product releases and updates, partnerships, integrations, acquisitions of some of the best infosec tools available, community-led and -focused efforts and campaigns, exciting executive hires and even sharp SecurityTrails swag marked 2021 as a bright new horizon for our company.
So as we edge closer to 2022, let’s take a moment to look back on 2021 and our achievements throughout those 365 days.
Transforming our talented, remote SecurityTrails team
Our vision, mission and culture have crystallized throughout 2021, further influencing the SecurityTrails team, but our singular passion for remaining The Total Internet Inventory has remained intact. We’ve bolstered our executive team with new hires as well as long-time colleagues growing into new positions, shaping our team to help us achieve this goal.
While there weren’t that many of our beloved retreats, collaboration remains at the heart of our remote team. We’ve continued to connect and collaborate through internal projects, courses, our Lunch & Learn series and monthly virtual get-togethers.
In Q4 our Leadership team had a meeting in Orlando, Florida where a new roadmap for 2022 was brought to life. We’re excited to show you how it all unfolds!
If you’re interested in empowering organizations toward thwarting cyber attacks with up-to-date data, custom solutions and proprietary tools, come join our diverse and talented team of experts! Head over to our Careers page to learn more about SecurityTrails culture and open positions in our departments.
Product launches and updates
One of the things we’re most proud of in 2021 is the immense amount of work we put into releasing new products and solutions, enhancing our existing tools, and continuously bringing incremental improvements to our pipeline. And it was all thanks to the feedback provided by you, our users and customers.
You can check all our product updates and launches on our blog, as well as in our Changelog. With regular improvements, releases and fixes, possibly too many to count, let’s highlight 2021’s major SecurityTrails launches and updates:
Attack Surface Intelligence
Starting the year with a real bang, we released a new version of our powerful Attack Surface Intelligence solution. ASI is your one-stop shop for exploring the entire internet surface area of your organization, gaining full visibility over your digital assets and IT infrastructure, giving you a way to take decisive action to reduce risks and prevent attacks.
Notable feature updates include:
- Design changes that provide easy prioritization of information, with more effective aesthetics to enrich any report that calls for your attack surface data
- The Screenshots option, to further improve visualization of digital assets
- An expanded Explorer tab, to provide even more detailed information about your organization’s digital assets and deeper attack surface data analysis
- Technology detection that allows all our ASI customers access to important backend technology data into any tech running on remote hosts
- WAF detection, which allows security researchers and any organization performing discovery and software identification to determine whether assets do or do not have WAF protection
Right in the middle of 2021, after many weeks of developing, testing and perfecting, we finally saw the general release of our SQL-like query language: SecurityTrails SQL. This new product allows security researchers and teams to perform massive intelligence collection and automate their findings.
Integrated as a SecurityTrails API endpoint, in ASI and the SurfaceBrowser™ SQL Explorer interface, SecurityTrails SQL lets you:
Collect data about any host, including domains, DNS records, WHOIS, SSL, HTTP, and the organization it belongs to, along with detailed IP data
Automate detection of security issues
Map your entire digital infrastructure
Detect open services
Improve phishing detection
Find vulnerable operating systems and services
Associated Domains v2
SurfaceBrowser™ offered Associated Domains a few years back, and due to the traction it continued to gain among our customers, it was time for a revamp. The Associated Domains v2 release included a terrific new set of features to provide greater association of domains, setting up groundwork we can build upon even further.
The new version of Associated Domains includes:
- Improvements to the algorithm, allowing us to discover domains missed from other methods
- More focus on mergers, acquisitions, and subsidiaries
- Further clarity on why an association among domains was made
- More than 10 new signals for associations
- Amplified WHOIS, SSL, hosting, nameserver and other areas of infrastructure analysis
One of our most talked-about products, SurfaceBrowser™ has gone through many new changes and updates. Now it can further empower organizations and researchers to view as well as understand the entire external internet surface area of any company, all through a convenient web-based interface.
The most notable changes and features added to SurfaceBrowser™ in 2021 were:
- Improvements to the range of possible HTTP header-based queries, to get critical information present in any HTTP header from a website
- Tags—a simple way to comprehend your findings and access data on numerous technologies and services during research
- The introduction of a provider dossier, enabling you to access hosting-related data of any organization, including company type, description, location and acquisitions
- UI/UX enhancements that introduced a long-awaited dark theme, as well as a new style to the entire interface, ensuring better user experience
- WHOIS data improvements for both API and SurfaceBrowser™ which allow you more visibility over changes on the WHOIS timeline, including further historical records
For us to continually provide the most current DNS, domain, IP and WHOIS data to companies and researchers, we are always ideating the most effective ways to do just that.
Proof of the dedication and hard work we’ve put into perfecting the SecurityTrails API is its enthusiastic and ever-growing fan base—an impressive range of security researchers, red teams, bug bounty hunters and threat intelligence companies that integrate our extensive data into their own applications.
But when it comes to the SecurityTrails API, the best endorsement may be letting the data speak for itself..
Some of the best work delivered by our API is reflected in our partnerships and interactions with the many of the most popular and respected infosec products and platforms around.
Boosting your research with popular integrations
The SecurityTrails API has already been integrated into many security tools, products, apps and plugins. While the quantity of integrations might’ve been lower than in the previous year, their quality certainly hasn’t disappointed.
Throughout the year we worked with respected researchers and companies to allow a new dimension of fetching security data and empowering your research, with the second half of 2021 seeing some of our biggest partnerships and integrations to date.
- Cortex XSOAR - Our API integration with Palo Alto Networks enabled users of their Cortex XSOAR to operationalize our own security intelligence with over 750 products offered through the platform. The SecurityTrails XSOAR integration supports a variety of playbooks including phishing, vulnerability management, IoC enrichment, and endpoint diagnostics.
- Maltego - As the newest integration in our roadmap, our data is now powering the popular Maltego Standard Transforms, adding a new layer to your DNS investigations. With this integration, you can use your SecurityTrails API key and get the most accurate security DNS data instantly, straight from Maltego’s interface.
- Haktrails - Developed by Luke Stephens, better known as hakluke, Haktrails is a terrific reconnaissance tool for querying SecurityTrails API data when performing deep subdomain enumeration.
- Amass - The OWASP Amass project now uses our API to enhance advanced network mapping activities and allows for more efficient attack surface analysis.
- ReconPi - This is a fast reconnaissance tool that helps researchers perform extensive intelligence gathering, using a Raspberry Pi that integrates our API data.
Bug Bounty Hunting Month
Starting with a lot of buzz during NahamCon 2021, we kicked off Bug Bounty Hunting Month as our first major community-led effort. We wanted to celebrate bug bounty hunters—not only for contributing to the growth and refinements of our own tools, but also for their contributions to the entire security industry.
From March to April we delivered expert bug bounty hunting content, interviews with your favorites from the bug hunting scene, amazing giveaways of our flagship passive intelligence tools, and the release of a very special new tool—all geared towards bug hunters as well as those just learning the craft.
Our Bug Bounty Hunter’s Toolkit, released during the month exclusively for bug hunters, was offered at a 50% discount through our network of partners and friends in the community. This exceptional package combined the power of both our API and our proprietary solutions, offering:
- API access with 2500 queries per month
- Subdomain enumeration
- DSL v1 access
- Associated domains
- DNS and WHOIS historical data
The toolkit is still available at the regular rate and can be accessed through our partners or by contacting us and requesting access.
Recon Master Contest
What may have caused an even bigger ruckus in the community than Bug Bounty Hunting Month was the Amass x SecurityTrails Recon Master Contest.
From July to August, researchers used the Amass community information sharing feature that supported submitting new data to SecurityTrails community data sharing API endpoint. Based on how many accurate hostnames were contributed, participants were helping us expand our database, to provide more accurate domain data to everyone.
Along the way they earned points, allowing them to climb to the top of the Leaderboard for a chance to win a stunning variety of prizes.
At the end, we crowned our Recon Master 2021 and the Top 10 joined our Recon Hall of Fame.
Recon Master 2021 presented a novel approach to a contest of that type and size, and you can rest assured that we’ll continue to deliver creative solutions to this pipeline, along with more ways to have fun while winning even more enticing prizes.
With 2021 filled with exciting giveaways, we wanted to up the game and offer special SecurityTrails swag for all of our amazing partners, friends, customers and followers.
Check out how much everyone enjoyed their SecurityTrails swag packs and keep your eyes and ears open on our social media for future giveaways of favorites like these:
What we wrote about
Just as 2021 was transformative for all areas of the SecurityTrails journey, it has also been for our blog. We continue to share a wealth of new and groundbreaking research, collaboration with researchers, candid interviews with industry experts and frequent tool reviews, all with the goal to educate, engage and entertain!
Our blog currently counts 384 blog posts that we have created and released throughout the years. While there are new changes to the way we craft our blog posts in 2022, our dedication to quality, not pure quantity, will continue to shine.
SecurityTrails interviews have been a favorite of many since we started them in 2018; in-depth profiles of your favorite industry experts, researchers, founders and influencers, accompanied by unique photoshoots that allow you to really get to know the human side of our industry. We were happy to bring in even more amazing people in 2021, both during Bug Bounty Hunting Month and in our regular program.
You can find all of the SecurityTrails interviews here.
Blast Radius is a new blog series we began in 2021, where security professionals, researchers and experts take a deep dive into different attacks and vulnerabilities and explore their blast radius—how they can impact the entire internet ecosystem. Each security risk and vulnerability covered got a rating based on severity and quantity, as well as recommendations for prevention and mitigation.
With many zero-day and critical vulnerabilities coming to light during 2021, the topics covered in this series now seem more important than ever.
During 2021 we released four parts to Blast Radius, featuring the following experts and topics:
- Apache Airflow Vulnerabilities by Ian Carroll
- DNS Takeovers by Patrik Hudak
- Misconfigured Kubernetes by Robert Wiggins
- Mapping, Controlling, and Exploiting Dynamic Self-Registration Services by Ken Pyle
Another change that blossomed on our blog during a fruitful 2021 was bringing on guest researchers to write their own thought-pieces, technical how-tos and reconnaissance walkthroughs. We’ve just recently implemented this new approach and have released the following guest posts so far:
- Giving Back to the Community with Ben Bidmead, aka pry, on his Axiom tool, community-oriented efforts, career and much more.
- How I Lost the SecurityTrails #ReconMaster Contest, and How You Can Win: Edge-Case Recon Ideas by Luke Stephens, aka hakluke, on his experience during the Recon Master Contest and some techniques he used.
- 5 minutes to Build a Basic Monitoring and Alerting System for New Subdomains by hakluke on how you can use his own tool, Haktrails, to better your subdomain enumeration methodology.
- Catching Bugs with Adrien Jeanneau about this researcher’s bug bounty hunting methodology
- SecurityTrails as a Threat Intelligence Platform by hakluke on how to use SecurityTrails products for threat intelligence data collection.
- The Most Misunderstood Element: Recon by Michael Skelton, aka codingo, as a deep dive into different types and approaches to reconnaissance.
SecurityTrails Fireside Chat
While finding new ways to deliver educational content and help organizations and individuals operationalize the knowledge we share, SecurityTrails Fireside Chats were born. This lunch-break format of webinars, hosted by our very own VP of Sales, Scott Donnelly, was kickstarted during the last quarter of 2021—but with much enthusiasm our calendar is already jam-packed for 2022.
For our first webinar we were joined by none other than Eric Head, aka todayisnew, the #1 bug bounty hunter on many bug bounty platforms. Eric joined us for a one-of-a-kind attacker’s guide through the attack surface intelligence galaxy, detailing the attacker’s point of view of an organization’s exposed external surface and how they can use that knowledge to overcome any gaps and weak spots in their infrastructure.
For the second and final session of 2021, we got an exclusive behind-the-scenes look at how the highly anticipated and popular Verizon Data Breach Investigation Report was made, directly from its authors Gabriel Bassett and Philippe Langlois. We learned about the infrastructure needed to support such a large-scale report and how you can operationalize its insights to protect your organization.
In the press
With so many new currents running through SecurityTrails throughout 2021, it’s no wonder we made the press more than once.
Right at the beginning of the second quarter, SecurityTrails announced that we secured funding from prominent security tech leaders to accelerate our growth and build The Total Internet Inventory™ even further.
In September, we announced our acquisition of the asset monitoring provider Surface.io in an effort to deliver continuous attack surface monitoring through ASI. This acquisition will allow our users to get information on their digital assets with greater accuracy and eliminate any security risks.
Finally, we celebrate the year by announcing the fortification of our executive team, by bringing on Scott Donnelly as Vice President of Sales and Taylor Dondich as Chief Technology Officer, while long-term team members Courtney Couch and Kris Lopez take on new roles to round out the team as Chief Innovation Officer and Chief of Staff, respectively.
Conclusion for 2021
Just as in 2020, we showed that when the crisis hits, we’re here to support our customers in understanding their risks. This turbulent year was appropriately crowned with the discovery of one of the most serious vulnerabilities to hit the internet, on a Friday night, right in the middle of the holiday season.
The critical vulnerability in Log4J library dubbed Log4Shell appears to be omnipresent in organization IT infrastructures across the world, due to its common presence in some of the most widely used products, software, tools, and more.
Our research team began monitoring and tracking the vulnerability as soon as it was announced, and through our work we enabled our customers to understand their exposure to Log4Shell through ASI. The ASI offering helped our customers establish a real-time inventory of all digital assets, detect products affected by the vulnerability, and identify and triage impacted assets for follow-up activities.
With Log4j and its critical vulnerability that has shaken our industry, 2021 has surely kept us on our toes.
We want to give big props to everyone who continues to support us on our journey of delivering innovative products and tools for providing organizations with greater understanding of their infrastructure to help them combat threats and attacks.
Our roadmap for 2022 is already thoroughly planned and ready for action, so all we can say is buckle up and get ready for the exciting ride next year will bring!