February 24, 2025

DiscoveryAssessmentMonitoringCollaborate and Manage
Written By Threat NG Staff

Elevated External Attack Surface Management and Digital Risk Protection with Enhanced Online Sharing and Website Control File Analysis

ThreatNG has substantially upgraded its platform with enhancements across various modules, concentrating on online sharing exposure and website control file analysis. These improvements are designed to provide a more comprehensive view of potential security risks and empower organizations to safeguard their data and reputation proactively. Key updates include expanded monitoring of online sharing platforms, a new module for analyzing website control files, improved certificate analysis, and enhanced domain overview capabilities. Furthermore, ThreatNG has upgraded its alerting functionality and private label reporting features. Collectively, these enhancements contribute to a more robust security strategy, enabling security teams to identify, assess, and mitigate risks more effectively.

Online Sharing Exposure

ThreatNG Expands Online Sharing Exposure Monitoring to GitHub and Prezi

The Online Sharing Exposure Investigation Module of ThreatNG now includes GitHub Code and Prezi in its repositories, which are scanned for potential security breaches and reputational risks. This module helps organizations proactively identify and address instances where sensitive information or intellectual property may have been unintentionally shared online, fulfilling essential External Attack Surface Management (EASM) and Digital Risk Protection (DRP) requirements. By broadening the scope of its investigation to these popular platforms, it offers a more comprehensive view of potential risks, enabling organizations to take swift action to protect their data and reputation.

Search Engine Exploitation

Robots.txt and Security.txt Files Now Key to Enhanced Security Analysis

The new Website Control File Exposure module of ThreatNG analyzes publicly available robots.txt and security.txt files to gain insights into an organization's security posture. Extracting data such as disallowed paths, security contacts, and bug bounty program details enhances attack surface management, digital risk protection, and security ratings capabilities. This information enables security analysts to proactively identify and mitigate risks, assess security posture, and streamline vulnerability reporting, contributing to a more robust security strategy.

Domain Intelligence > Certificate Intelligence

Certificate Analysis Enhances "Associated Organizations" for Improved Security

ThreatNG's Certificate Intelligence module has improved its "Associated Organizations" feature, identifying and highlighting organizations connected to a specific SSL/TLS certificate. This enhancement enables security teams to quickly identify and assess risks linked to shared certificates or third-party dependencies. ThreatNG empowers security teams to understand their attack surface better and proactively defend against potential threats by offering a clearer view of the relationships between organizations and their certificates.

Domain Intelligence > Domain Overview

Domain Overview Enhanced with Wordcloud, Bug Bounty Insights, and Microsoft Entra Identification

ThreatNG has improved its Domain Overview module within the Domain Intelligence Investigation Module. This module offers a comprehensive view of an organization's domain-related assets and security posture, assisting in uncovering hidden threats and vulnerabilities. The enhanced Domain Overview features a Digital Presence Wordcloud, which analyzes and illustrates the language used across an organization's digital footprint to reveal hidden connections to unknown assets, misconfigurations, brand impersonation attempts, data leaks, and more. Furthermore, it provides insights into Bug Bounty Programs, enhancing visibility into the global bug bounty landscape. ThreatNG also automatically discovers and identifies Microsoft Entra instances, offering unmatched visibility into potential attack vectors. These enhancements facilitate proactive risk management, improved threat intelligence, and better decision-making for a more assertive security posture.

Reporting, Collaboration, and Management

Enhanced Alerting: Multi-Recipient Emails and Collaboration Platform Integrations

The Reporting and Management capabilities of ThreatNG have been updated with exciting new features and enhancements in alerting functionality. Users can now send email alerts to multiple recipients, ensuring critical security information reaches all essential stakeholders. Furthermore, integration with popular third-party collaboration platforms such as Slack and Microsoft Teams enables users to receive alerts directly within their preferred communication channels. These improvements streamline communication and enhance collaboration, allowing security teams to respond to threats more effectively.

Private Label Reporting Enhanced with Increased Branding Visibility

ThreatNG has improved its Private Label Reporting feature by providing enhanced visibility of custom branding throughout the reports. This improvement allows users to easily integrate their branding elements, such as logos and color schemes, into the reports, resulting in a more professional and cohesive presentation for clients and stakeholders. By strengthening private label branding, ThreatNG enables users to reinforce their brand identity and offer a more personalized reporting experience.

Threat NG Staff
Next

January 22, 2025