news interviews tips

SecurityTrails Blog · Dec 19 2019 · SecurityTrails team

SecurityTrails Year in Review 2019

Reading time: 11 minutes

Now’s the time when we can take a thoughtful step back and reminisce about the events that have unfolded over the year. Please join us as we take a look at the many milestones, developments and innovations SecurityTrails has seen during the past twelve months.

With so many new tools, product launches, design updates and blog series introduced, it’s important that we celebrate the exciting journey we’ve been on this year. We always put great effort into making our products and content better, stronger and more innovative, and thanks to valuable customer feedback, we’ve been able to do just that.

2019 was truly a banner year with many milestones and goals achieved. So before we step forward into 2020, let’s do a recap of all the exciting things we shared in our blog and on our website.

New team members

SecurityTrails was founded in 2017 by people who got tired of searching through massive amounts of cyber threat intel manually and exploring numerous data sources on our own. For years we’d been searching for a powerful tool to make the overwhelming volume of data comprehensible and easily accessible. This was, and still is, the goal that drives SecurityTrails—relevancy, reliability, accessibility, and simplicity of data that will help researchers and companies build new products, to prevent future cyber attacks and more.

What started as three individuals, quickly grew to a team of seven by the end of our first year. Sure, it can be a challenge to find experts who love infosec as much as we do, but we’re dedicated to engaging the best data scientists, security researchers and anyone else obsessed with data and cyber threat intelligence to enhance our mission.

Being a fully remote team, we’re fortunate to be able to search for the best talent across the entire globe, and now SecurityTrails has team members in the USA, Serbia, Ukraine, Germany, Uruguay, Finland, South Africa, the Philippines and Argentina. As we round out the year, our team currently counts 27 individuals. It’s very motivating and humbling when we think of all the great experts we’ve been able to bring to SecurityTrails, and we intend to keep growing as a team.

If this is something that speaks to you, and you recognize yourself as someone who can help us achieve our goal, be sure to check out our Careers page for open positions.

Growing the team

Product launches and updates

Do you remember DNSTrails? It’s been some time since we created the first version of this product, and each year we work tirelessly to bring constant improvements to our API, Feeds, SurfaceBrowser™ and website. Thanks to valuable feedback and support from you, our customers, and our dedicated product and engineering team, we were able to bring you a number of product updates and new launches in 2019.

At the beginning of the year we shared some major updates to our domain discovery pipeline; we built a proprietary pipeline of 40 sources and increased our ccTLD coverage. Currently, we have over 300 million domains in our database, with more than 100 million of them being ccTLDs.

Domain discovery pipeline

There were numerous product updates for SurfaceBrowser™, including the “Explore” feature to filter and pivot through different pieces of data we have on domains, and a download of custom subdomain lists, among others.

We also introduced new features to our DNS and domain intel API. Some exciting new API filters and endpoints were added to make it even easier to fetch any domain and WHOIS-related data.

Number of API queries Average number of API requests Most used endpoints

And to help you integrate our security API into your own tools or applications, we added new integrations and API wrappers which can be viewed in our recap of all SecurityTrails integrations.

Ending the year with a bang, Attack Surface Reduction - ASR was introduced in October, a powerful shadow infrastructure discovery tool that allows you to surface your critical assets, analyze and track them and identify risks and threats, all through a unified command center.

Attack Surface Reduction - ASR introduced

For 2020, we certainly don’t plan on slowing down with new releases. We’re always looking for ways to make our interface easier to use, improve our existing tools and create new solutions, so stay tuned to find out what’s coming next.

Our Blog

Currently, the SecurityTrails blog features 177 posts, of which more than half were published in 2019!

Number of blog posts

Twice a week, we strive to provide the most informational, educational and fun-to-read content possible for our blog. We feature a wide array of articles; whether it’s covering basic terminology and concepts in cybersecurity, providing technical write-ups on our favorite tools or bringing knowledgeable guests to our interview series, we strive to be the go-to place for anyone looking to learn something new or refresh their security knowledge.

The most viewed blog post

Covering the basics in cybersecurity is important in the prevention of any threats. We have a plethora of articles that cover specific cybersecurity topics to provide you with insight into identifying and protecting yourself against any future attacks.

Learning about everything there is to know about a successful OpSec process, security breaches, cyber crime and its different types, such as DNS hijacking and social engineering, will help prepare you for any threats that come your way.

And once you’re familiar with your enemy and their tactics, it’s important to get to know other cybersecurity concepts, such as the attack surface, cyber threat intelligence and importance of instilling cybersecurity culture in your company.

One of our favorite topics is techniques, tools and technologies from the industry. We’re enthusiastic about sharing new, cutting-edge ones but also like to emphasize unexpected ways in which you can use familiar, well-loved tools.

Everything starts with the recon process, so for anyone just starting out in OSINT, knowing which tools and techniques to use for DNS enumeration is essential. For those more advanced in OSINT and the information gathering process, we often review OSINT utilities and talk about its importance in cybersecurity, so it’s no wonder that the OSINT Framework won us over with its ability to list out all OSINT tools and classify intel sources, making digital footprinting, intelligence gathering and reconnaissance that much easier.

While on the topic of intelligence gathering, we can’t skip out on our favorite network scanning tools. Whether you’re in search of vulnerability scanners to be proactive and use these tools to identify, categorize, fix and monitor any possible threats, or you’re interested in a subdomain scanner to include in your recon tasks, we’ve got you covered.

And to further enhance your network scans, look no further than our beloved Nmap. You can use Nmap to detect CVEs using NSE scripts, so be sure to check out their Nmap Scripting Engine.

And whether you’re a beginner in infosec or a veteran professional, identifying a company’s public network address range is an important step in any cybersecurity investigation. This is why we shared the best ways to find IP addresses owned by a company, using WHOIS information, RIR API and our very own SurfaceBrowser™.

What about essential security APIs for detecting malware, exploring your attack surface area and bug bounty hunting? You’ll want to check out our list of top 12 security APIs to help you do just that.

While we do provide weekly technical reviews of the best security tools out there, we’re aware of the importance of covering the basics and producing content that is not only enjoyed by professionals but also by anyone starting out in the industry.

Interview Series

Interview series

The SecurityTrails interview series kicked off in February of 2019. It started as a series of interviews with cybersecurity entrepreneurs who are behind our, and your, favorite tools, but we wanted to branch out—so we now also feature data scientists, security researchers and other infosec professionals.

We did an interview series recap somewhere around the halfway point in our journey, but after that came more notable interviews with industry veterans. Vincent Yiu shared his research and insight into the current state of cloud security, breaches caused by open s3 buckets, and his favorite tools to discover them.

Our very own data scientist, Ilija Subašić, PhD, gave us a glimpse into his methodology, how data scientists observe and analyze data and what we can learn from their scientific problem-solving approach.

We met up with Jonathan Cran in Austin—”the best city in the world,” according to him. He is the founder of Intrigue, an automated OSINT and recon framework that provides asset intelligence. Valuable information on data-driven security, threat intelligence and minimizing the attack surface make this interview a standout.

Security professionals are still human after all and they fall victim to cognitive biases. To learn more about the importance of understanding those biases and better security decision-making, we visited Kelly Shortridge, VP of Product Strategy at Capsule8, in New York.

For the last interview of the year, we created something special with security researcher and scuba diver, Jose Hernandez. As a hacker by day, and a scuba diver by, well, also day, Jose took us on one of his diving trips and showed us that true hackers even take their laptops under water.

Overall, the focus of the interview series is on finding the balance between asking the right technical questions and talking about the favorite video games that prompted them to get into infosec. We hope we’ve managed to do just that.

ProTips

Pro tips

A fairly new feature of our blog is the ProTips series. In ProTips, we bring industry experts to share their methodologies, tips, favorite Github projects and more; a true cybersecurity skill sharpener!

Our first expert was Patrik Hudak, a security researcher and bug bounty hunter who showed us how to perform advanced recon, his “smart brute forcing” technique and how to build better wordlists.

After Patrik we welcomed none other than Random Robbie, who shared his clever fingerprinting tactics, explained how he caught bugs by first following researchers on Twitter and detailed how to use MIME types to minimize false positives—which is so genius we’re sorry we hadn’t thought of it first.

The latest installment in the ProTips series welcomed Andrew Morris, who was also our first interviewee. Something Andrew knows best is how to filter the background noise of the Internet and contextualize alerts—and that’s precisely what he shared with us. Learn about his favorite ways to use GreyNoise Intelligence and its integrations to improve your threat intelligence.

We have many more ProTips prepared for next year, so expect even more cutting-edge methodologies and tips from security experts.

Keeping your domains secure

Domain security & solutions

Domain security is a serious matter and should never be regarded lightly. This is why we featured a four-part series on different domain security threats, how to protect against them and how SecurityTrails can be the perfect solution for chasing down the bad guys and keeping your domain and reputation safe.

In part one of this series we got familiar with the concept of domain squatting, also known as cybersquatting, and the issues that come with it—such as copyright infringement. You can also find tips for both visitors and company owners on how to avoid different types of cybersquatting and how to set up brand monitoring using SecurityTrails API service.

The second part of the series was dedicated to phishing and trademark infringement attacks. We explored different types of phishing and how to prevent these types of attacks. And while the SecurityTrails public web app can help you track down infringing domains, SurfaceBrowser™ can provide a more thorough analysis of attack surface data.

And what about defending yourself against subdomain takeover attacks? Our third part of domain security covers that topic, the stale DNS record concept and the prevention against would-be attackers exploiting this DNS threat.

The final installment in the series has asked—and answered—the question: What types of attacks can be performed against my domain names that directly involve my domain registrar security? Explore the best ways to protect your domain at the registrar to protect yourself against these types of cyber threats.

Final words

That’s a wrap on 2019. We’re very grateful to everyone on our team who helped make this year as successful as it’s been and for continuously working on making our products better, faster and smarter.

SecurityTrails also wants to thank everyone from the community who loves and uses our products, and who unsparingly shared their feedback. Without you inspiring us, we wouldn’t be where we are now. We will continue to work hard to be your number one source of cybersecurity data out there, so stay tuned to learn about many more projects we’re preparing for you. ‘Til next year!