Changelog¶
This page shows the change log for the SATAYO Threat Intelligence Platform (TIP).
4.12 released on 2024-10-23
added The insert_time field to API responses to indicate the data discovery timestamp
added A new API endpoint to export the ticket list. The feature is available in the global APIs
added The ability to organize domains into groups and grant users restricted access to the platform
added Now the indication of the number of assets, used to manage the service quotation, can be viewed on the License page. In addition, a graph has been added to the Report section, showing the trend over time of the number of assets for each individual domain of your organization
4.11 released on 2024-08-14
added IP enrichment with nat configuration and additional information. This information is useful to enrich the context at the customer infrastructure level and consequently provide more precise remediation indications on tickets.
added Hudson Rock Cavalier Platform Integration. This integration significantly improves SATAYO’s coverage of infostealer logs.
added Combo List Integration. When combo lists are detected on different types of sources, they are indexed and displayed in the “Breached Account” section or in the “Market” section, depending on the type of combo list.
added Check the presence of detected vulnerabilities within the KEV (Known Exploited Vulnerabilities) catalog
4.10 released on 2024-05-07
added Related tickets for users in the Mail section
added username visibility in market evidence
added list of usernames for market resources
4.9 released on 2024-03-25
fixed bug fixed and performance improvements
security multiple security improvements
4.8 released on 2024-02-05
added Different filters for Vulnerability
added License page
changed Improved tables for Vulnerability evidence
fixed Bug during CSV export of Mail evidence
4.7 released on 2024-01-05
added VIP Password Global Overview
added Breached VIP Accounts Global Overview
added Global Overview for Domain tld, Domain similar, Domain suspicious, Domain correlated and Domain phishing Global Overview
added Ransomware Monitor Statistic, Search and Evidence
added the possibility to set email accounts as disabled to stop receiving tickets related to them
4.6 released on 2023-10-03
added Blacklist indicators & indicators page
added Ransomware Monitor
added alert for changing vip email
added Context Data of various data breaches (Federprivacy)
added EPSS score in CVE page
changed split the market into two tabs: Evidence and Risk Accepted
4.5 released on 2023-07-05
added access to the managed status page for partners
added checks if an email is attached to an account on miro.com
added Mail VIP Global Overview
added difference between old and new evidence in the search box
added links for the different domains in global cve page
added set up your organization’s VIP mail accounts
fixed bug in count Filtered Tickets and Total Tickets
4.4 released on 2023-05-03
added Market Global Overview
added Sandboxes Global Overview
added Severity overview of the market resources
added New dashboards have been created on the Status Managed page
added the value of the remaining credit to the market pages
added Use of VirusTotal and Shodan to retrieve subdomains
added view filtered tickets on the dashboard
added Unsubscribed Social & Services
changed Overview for ticket in the managed service
4.3 released on 2023-03-19
added Traffic Light Protocol (TLP) system for classifying sensitive information
added fixed vulnerabilities are now highlighted with a green tick
added advanced profile search within Instagram
added IntelX platform content integration
fixed phone evidence
fixed new research notification
4.2 released on 2023-01-11
added Information regarding the tactics and techniques of the MITRE ATT&CK®
added Context Data of various data breaches (azazie, virustotal(multiple combolists), amway, brazilcatho, twitter200M, deezer, gemini, radioitalia, whitepages, ticketcounter, flexbooker, guntrader, onlinerspambot, imesh, netlog)
added registrant information for domain link
added VIP account - VIP accounts can now be monitored. VIP accounts are those relating to senior figures with a domain outside the monitored ones (e.g. gmail). VIP accounts must be reported by opening a ticket.
fixed bug fix
fixed domain similar notification
fixed 2easy market scraper
4.1 released on 2022-11-04
added new item sandboxes
added SATAYO user guide (link in menu)
added link from JIRA to SATAYO (managed service)
added The “Global Overview” provides a cross-domain view of the evidence found
changed graph icon
fixed Russian market scraper
fixed CVE order by CVSS score v3
security low vulnerability patch
4.0 released on 2022-10-10
added description field to CVE export
added Context Data of various data breaches (Exactis Netprospex StockX Start.ru (new Breach) Stripchat Tapa Airport)
fixed order column cvss for CVE evidence
3.7 released on 2022-07-13
added Continuous monitoring of the evidence published in the Genesis and Russian market places
added On the items relating to ports and vulnerabilities, evidence is given if that resource resides on IPs directly managed by the organization
added Context Data of various data breaches (Disk Union, Coin Pay Ex)
added severity field for the ticket in the managed service
changed overview for ticket in the managed service
3.6 released on 2022-06-13
added Parsing DMARC and SPF with verification of warnings or errors
fixed domain evidence in report
3.5 released on 2022-05-19
added Correlation of the CVEs identified with their presence within the TTPs (Tactics, Techniques, Procedures) used by threat actors
added Description of the identified CVEs
added Indication of the fact that the CVEs identified concern IPs present within IP blocks directly managed by your organization
added Management of related domains item: ability to manually add directly managed domains (black suitcase icon); automatic correlation through WHOIS record analysis of domains residing on networks not directly managed (black suitcase icon); automatic correlation through WHOIS record analysis of domains residing on networks not directly managed (blue suitcase icon)
added Context Data of various data breaches (adapt, riaru ,readnovel, mgm)
3.4 released on 2022-03-06
added Interactive Network Visualisation (beta)
added evidence of the paste value
added domains defined as suspicious since they contain the company’s domain
added Context Data of various data breaches (500px, animaljam, bb, animoto, annual, bitly, crackingforum, dave, eatstreet, indiamart, xhamster, youku, zomato, adityaBirla, yahoo, abandonia, aimjunkies, autohotkey, bitcointalk, bitshacking, bleachanime, couponmom2014, cfire, cheapassgamer, chinaeko, comicbookresources, crackingitaly, digitalgangster, openraid, combo, neteller)
3.3 released on 2021-11-26
added SATAYO now searches for Google and Amazon Buckets as well as Azure Conteiners related to the company domain.
added “Last modified” column in file evidence
added Possibility to mark as verified the emails that are reported within the various data breaches. The date and the user who carried out the verification are associated. In the event of new emails present in the future in the same data breach, a new verification by the organization is required.
added hashes of files found by SATAYO
changed improved file search by SATAYO
fixed VirusTotal Evidence
security Addition of the CSRF token to all user-interactable forms.
3.2 released on 2021-10-19
added API (Application Programming Interface): on the export page, accessible from the home page, it is now possible to enable your token to use the API and integrate the evidence collected by SATAYO into other platforms.
added Subdomain Takeover Checker. This evidence allows an attacker to set up a page on the service that was being used and point their page to that sub-domain.
added The related domains are now shown only in case of resources of those domains present on IP blocks managed directly by your organization. The reference IP of that particular domain is also indicated.
3.1 released on 2021-10-13
added MFA (Multi Factor Authentication): now, through the user menu, it is possible to configure the second authentication factor to make access to SATAYO more secure. Currently, the Google Authenticator app can be used as a second authentication factor.
fixed Domain date format
3.0 released on 2021-09-24
added Internal search engine. Through this feature it is possible to search for IP addresses, hostnames, email accounts, CVEs, data breaches in all the evidence discovered by SATAYO for the organization’s domains.
added Continuous, real-time scraping of Pastebin, with verification of evidence relating to the organization, using the configured keywords.
added the evidence of ip addresses managed directly by the company
added SATAYO now searches for similar domains used in phishing campaigns
2.5 released on 2021-08-16
added Information relating to the target within the records relating to the related domains, highlighting the types of the record.
added Context Data of various data breaches (Badoo, Boxee, Lumin, Cafepress, Evite, Edmodo, BitLy, Pixlr, EyeEm, Liker, Houzz…)
added Now from the password section it is possible to have evidence of the data breaches within which that password is present
added A threat actor has leaked a list of Fortinet VPN login names and passwords that were allegedly scraped from exploitable (see CVE-2018-13379) devices in 2020 summer. SATAYO checks if the IPs of your organization are within this list.
added A threat actor has leaked a list of Ivanti Pulse Connect Secure potentially vulnerable (see CVE-2021-22893 and CVE-2019-11510). SATAYO checks if the IPs of your organization are within this list.
changed Alignment of information enrichment (registrar, country) relating to the types of domains managed (TLD, similar, related).
fixed export Hostnames/IPs
2.4 released on 2021-07-07
added new Open Bug Bounty notify
added information in the Open Bug Bounty page
changed score calculation for Open Bug Bounty. Now the status and date of release are considered.
fixed country flag
2.3 released on 2021-03-18
added verification of the existence of MX records for domain similar and subsequent verification of the presence of the same in the blacklist
added check if the domains (correlated, similar and TLD) are managed by the organization in SATAYO
added checking the contents of robots.txt. If there are paths in the file related to administrative areas, an alert is displayed
added navigation menu on the research and statistics page
added in the “Phone number” object, in the “Source” column, the web resource in which the telephone number has been identified is shown
added registrar information for domain link
added Improve hostnames research
added GRAPH: comparison between the different historical scores
added Evidence of similar or tld domain that are owned by the organization
fixed email validation
removed domain similar of organization in CSV files
2.2 released on 2021-03-01
added the “Global Executive Summary”, printable from home page, contains matrices that aim to provide a quick observation point on issues that require the assignment of a high degree of priorities in mitigation / remediation issues
added the Exposure Assessment Index Value (EAIV), visible both in the web report and in the docx format, shows the degree of exposure of the 3 macro areas (Infrastructure - Data, Files & People - Deep & Dark Web)
added possibility to export data, from home page and in csv / plain text format, of different types (Mail, Domain Similar [last 60 days], Vulnerability High, Hostnames/IPs, SSL problems, Registry, Password)
added possibility to change the display order of the accounts present in the data breach. Now they can be sorted based on the date of release of the data breach or the date of discovery by SATAYO
added notification for new deployments
added possibility to export data, from home page and in csv / plain text format, of different types (Domain Similar ALL, CVE ALL)
added data breach and context data
added check on the correct configuration of the records relating to the ip blocks used
added descriptive field on the methods used to retrieve evidence relating to ips and hostnames
fixed improvement in searching for ip resources not linked to hostname
fixed Arrangement of fields related to TLS exposure
2.1 released on 2020-12-28
added new social
added for each vulnerability, the possible presence of exploits available is shown
added in the main menu a page that allows you to view the contact channels to receive technical support
fixed report
fixed time ago with years and months
fixed more CVE entity
fixed network graphs
2.0 released on 2020-12-01
added Breach last update for this domain
added item’s last evidence
added PDL data breach raw
added Link for malicious verify scan
added favorite in registry
added mobileapps in report
added technologies graph in report
added a report in docx format, containing all the evidence found, can be downloaded from the Report area
changed the presence of every single email account is checked within about 120 different web services
fixed bug fix in keyword databreach
fixed home items date
1.9 released on 2020-11-03
added ips download CSV (beta)
added Home - Report print button
added export page
added API documentation
added keywords visibility for collected records
added security News page
added Item SSL
added Cit0day data breach raw
added 2,844 Troy Hunt collection data breach raw
removed ips download CSV (beta)
1.8 released on 2020-09-28
added LinkedIn mail enumeration
1.7 released on 2020-09-11
added Ips country
added research created date in home
added malicious verify scan for ip
added Item CVE
added Item PORT
added link password to mail
changed single mail view in Breached Accounts
fixed Image domain similar country
1.6 released on 2020-08-27
added Keywords in Deep & Dark Web
added breach insert time
added paste insert time
added Deep & Dark Web - Conti News
added Deep & Dark Web - exploit.in
added Domain similar country
changed New mail sort
changed New domain link sort
fixed clear table sort
fixed SSL cert number
fixed sort users
1.5 released on 2020-08-19
added Deep & Dark Web
added column permission in partner org page
added new DeepDarkWEB notify
added new IP blacklist notify
added new Hostname blacklist notify
added Deep & Dark Web - Maze
added Deep & Dark Web - Raidforun
added Deep & Dark Web - Twitter
added Deep & Dark Web - Telegram
added Deep & Dark Web - darksearch
fixed CSS table
1.4 released on 2020-08-13
added partner
changed user page
1.3 released on 2020-08-10
added table sort
added tool: pagine gialle
added item last update
added recover password
fixed microsoft vulnerabilities
1.2 released on 2020-07-01
added changelog
added mail insert time
added domain insert time
added ticket
changed UI color table
fixed Phone number
fixed Mail