News & Release Notes

New environment: Analyst Workspace, Dark Web Redesign & Core Updates

We are introducing a new integrated workflow designed to streamline incident management and asset intelligence, alongside major platform-wide updates.

• Analyst Workspace: New module for active case management. Transform raw intelligence into documented investigations with support for analyst notes, automated IOC extraction, and correlated threat discovery. Now featuring Vis.js interactive graphing and advanced PDF report exports (Executive Summary, TTPs, Infrastructure).
• Dark Web - Asset Monitoring: We have completely redesigned the Dark Web module. It now operates as a strict Asset-Centric radar, filtering out global noise and alerting exclusively on the domains and keywords configured in your rules.
• Threat Intel Correlation: Real-time cross-integration. If a Threat Actor claims an attack on one of your monitored domains (Defacement), the system now triggers an automatic preventive alert.
• Discovery - Offline Host Tracking: The Discovery module now tracks subdomain lifecycles. Hosts that stop resolving are explicitly marked as [OFFLINE] 👻, preventing false positives, accompanied by completely redesigned PDF reports and email alerts.
• Anti-Spam Filtering: The ingestion engine now features improved heuristics to ignore irrelevant spam (promotions, flights, fake refunds) across Dark Web and Telegram channels.
• Usability Improvements (UX): Deployment of stylized modal windows (SweetAlert) to prevent accidental actions, and complete standardization of the session logout popup across the platform.

Global Threat Intelligence improvements: Custom alerts

You can now configure targeted notifications by countries of interest. This improvement helps reduce noise and ensures you only receive threat intelligence alerts that are highly relevant to your organization.

New module: Global Threat Intelligence

Access to threat intelligence to identify malicious actors, targeted campaigns, and relevant mentions in an early and actionable manner. Includes the ability to configure personalized alerts by targeted domains.

Zero Scam evolution: Earlier fraud detection

We have strengthened our Zero Scam module capabilities to stay ahead of new attacker tactics. This update significantly improves alert accuracy, reducing noise and helping protect your brand from the very beginning.

New Notmining AI Shield extension: Data Leak Prevention

We are launching our new browser extension designed to protect your company's confidential information. It solves the growing risk of corporate data leaks (DLP) by proactively blocking attempts to share sensitive information, such as passwords, on generative AI platforms or other websites.

Active Monitoring Evolution: Full control over hidden redirections and content changes

We are upgrading our Monitoring engine to uncover stealthy threats attempting to bypass traditional detection methods.

• Smart visual analysis: The system now interprets the actual page content. You will be automatically alerted if a cloned website drastically changes its appearance to prepare a new attack.
• Evasive redirection detection: Our engine now navigates like a real user, detecting and tracing complex JavaScript or Meta-Refresh based redirections often missed by basic tools.
• Transparent history: All these changes and movements are instantly documented in the domain's interactive timeline, cutting investigation times down to seconds.

Update to Spanish Target Notifications, Threat Alerts and Dark Web Monitoring

We have expanded our monitoring coverage to improve the early detection of targeted threats and data leaks.

• Spanish Target Notifications and Threat Alerts have been updated, with improvements also applying to the Dark Web Monitoring module.
• We have expanded our active monitoring sources with new dark web forums and ransomware groups. A constantly evolving ecosystem, researched and updated daily by our team to keep you always one step ahead.
• This improvement enables broader and earlier visibility into potential breaches or fraud campaigns.

Defacement Monitoring: faster detection and improved response capacity

A new improvement designed to accelerate the detection of unauthorized changes and reduce response time in defacement incidents.

• Monitoring engine optimized to shorten detection times.
• Greater operational agility across environments with multiple monitored web assets.
• Designed to speed up triage and improve team response capability.

Dark Web Monitoring: more visibility to accelerate analysis

An update focused on providing more context and visibility around findings to make analysis and prioritization easier.

• Improved findings visibility for easier review.
• More clarity around detection context to speed up investigation.
• Designed to help teams identify what matters sooner and reduce analysis time.

Improvements to Discover and Defacement Monitoring

An update focused on reducing noise and expanding compatibility for web monitoring.

• Discover: fixed an issue that caused recurring false change detections.
• Defacement: rules now support protocol (HTTP/HTTPS), IP and port to cover assets that require HTTPS or specific services.

More monitoring context and a new alert timeline view

Improvements to understand why findings happen and to visualize changes more clearly.

• Monitoring: details now show whether a domain appears in a feed, the report reason, and the originating feed.
• Also available in Alerts and Hunting to speed up investigation.
• Alerts: updated timeline view to make changes easier to review.

New module: Defacement Monitoring

Monitor website integrity and detect unauthorized content changes to speed up response and restoration.

OPS API — end-to-end operations automation

A new API designed to automate brand protection and digital fraud workflows: from detection and classification to management and tracking.

• Consistent filters and states for SOAR, SIEM and ITSM integrations.
• Support for operational management: alerts, monitoring and actions.

Deep Scan: indicator extraction from HTML

A new capability in Monitoring and Alerts (Deep Scan) that analyzes HTML to extract relevant elements and technical indicators (for example, endpoints, links, forms or redirects). Extracted elements may include Telegram endpoints or other services.

Detection rule exceptions

You can now define exceptions using exact matches or regular expressions to reduce false positives and tailor detection to your environment.

New module: Zero Scam SSL

A new detection module focused on SSL signals and configurations associated with fraud, expanding coverage and speeding up triage.