Releases
92 min
welcome to flare's release notes page, where you’ll find the latest updates, features, and improvements we’ve rolled out to enhance your cybersecurity experience our mission is to empower security teams with cutting edge tools and insights to defend against emerging threats whether it's new ai powered capabilities, enhanced reporting options, or critical bug fixes, each release is designed to make threat intelligence more actionable, intuitive, and efficient explore how our constant innovations can help you stay one step ahead in the evolving cyber landscape august 2025 ⚙️ new tenant admin role & ui updates release date august 20, 2025 we’re excited to roll out a new tenant admin role and a set of ui updates that give clients greater flexibility in managing their tenants and assigning responsibilities this update incorporates feedback from clients to make tenant assignment smoother and more intuitive ✨ what’s new tenant admin role in addition to tenant viewer and tenant editor , you can now assign the new tenant admin role manage users, integrations, and tenant details within their assigned tenant tenant admins only see data related to their tenant (not the full organization) only org admins can add tenant admins to tenants team page ui updates org admins can now bulk select team members to assign them to a tenant with a specific role permissions overview when assigning a role or creating a new org member, an overview of permissions is displayed for better clarity helps customers feel confident and informed when managing access updated documentation a brand new roles & permissions guide is available, serving as a reference for assigning roles effectively and better understanding permissions 🎯 why it matters these improvements give organizations more control and flexibility when managing tenants by introducing a clear tenant admin role, enhancing bulk assignment actions, and making permissions more transparent, flare aims to ensure the right people have the right level of access 🔐 secret detection enhancements for source code release date august 20, 2025 we’ve refined our secret detection engine to better identify sensitive information across source code platforms like github and docker hub—helping your team spot real threats faster while reducing false positives ✨ what’s new dual source monitoring all github and docker hub events collected by flare are scanned using a rule based engine trained to detect known secret formats risk based scoring non generic secrets trigger an increase in severity score due to their strong signal of real risk generic secrets trigger a decrease in severity score to minimize alert fatigue from false positives 🎯 why it matters by distinguishing between high confidence leaks and generic patterns, flare prioritizes what really matters—giving your team a smarter, more focused response strategy 🐳 new data source docker hub release date august 20, 2025 we’ve expanded our data collection capabilities to include key metadata from docker hub, giving you deeper visibility into container based development risks this update helps identify exposed secrets and organizational identifiers embedded in container metadata—critical for securing modern devops environments 🎭 actor profiles release date august 15, 2025 we've launched comprehensive actor profiles to help you investigate actors and understand behavioral patterns across the flare platform ✨ what's new centralized actor investigations with dedicated profile pages accessible from any underlined actor name activity tab showing timeline visualization, volume breakdowns, and most recent events analysis tab (forum based events) providing behavioral insights, linguistic analysis, and potential threat assessment activity breakdown chart with filterable categories and date ranges weekly discussion heatmap displaying posting patterns by hour and weekday with timezone analysis 🎯 why it matters actor profiles transform how analysts investigate and assess actors by providing behavioral trend analysis to identify patterns and assess risk levels cross event pivoting to trace activity across multiple incidents tied to the same actor false positive validation by understanding actor context and intent threat actor investigations with comprehensive behavioral and linguistic profiling this release enables security teams to move beyond isolated events and develop a deeper understanding of actor behavior, motivations, and potential threats—leading to more informed threat assessments and faster incident response for more details 👇 ⏩ optimization of look alike domain scanning release date august 13, 2025 we've significantly optimized the performance of look alike domain scanning ✨ what's new a 90% reduction in the time it takes between scans for all domain identifiers a daily scan for look alike domains that are a single character off from the original 🎯 why it matters this enables faster results, faster alerts, and simply better detection, enabling our customers to act on potentially malicious domains quicker and prevent phishing attacks from taking place july 2025 ⚙️ bulk actions in credentials browser release date july 28, 2025 we’ve added faster ways to triage exposed credentials—so you can act with confidence at scale ✨ what’s new bulk remediate / un remediate credentials bulk ignore / un ignore credentials clearer visuals for remediated and ignored statuses to improve at a glance scanning if your tenant has an idp connection enabled, you can now filter credentials by identity provider (idp) validation status —not validated, valid, invalid, unknown, or error 🎯 why it matters these updates are designed to streamline remediation workflows and improve visibility into credential status—especially when working at scale empower users to decide when and how to mark credentials as remediated or ignored quickly identify which credentials need attention by filtering based on idp verification status this release supports our ongoing efforts to make the credential browser more actionable and intuitive—enabling faster response times and better informed decisions june 2025 ⚙️ combolist filtering in credentials browser release date june 30, 2025 we’re releasing an impactful enhancement to the credentials browser you can now filter out combolists, making it easier to focus your investigations on actionable leaks ✨ what’s new a new toggle to exclude combolist entries while browsing leaked credentials cleaner views that reduce noise, helping you prioritize relevant credential leaks this feature directly addresses requests to manage data more effectively during investigations 🔐 entra id exposed credential verification release date june 17, 2025 we're super excited to announce a major milestone in our identity focus roadmap entra id exposed credential verification is now live! ✨ what’s new you can now validate leaked credentials discovered by flare directly against your microsoft entra id environment this powerful integration helps your team validate whether exposed credentials are still active prioritize which threats to respond to address identity risks swiftly—cutting down mean time to respond and lowering operational costs 🎯 why it matters not all credential leaks are created equal credential validation allows you to separate real risks from outdated data by confirming if the leaked username and password pairs are still valid in entra id this means fewer false positives and more targeted, effective responses 🔧 easy to set up we've created a step by step setup guide to help you get started quickly once connected, you can seamlessly pivot from flare to entra id for manual response 🔮 what's next entra id validation is the first step in flare's broader identity intelligence strategy stay tuned for future updates, including automated identity detection and response workflows ✅ available now to all flare customers—at no additional cost 🏷️ pii tagging in the credentials browser release date june 12, 2025 we have added pii tagging to the credential details view in the credentials browser for credentials that were publised as part of a named breach, alongside the details of this leak's source we have now added the details around which types of pii were also leaked 🕷️ major dark web crawling infrastructure expansion release date june 11, 2025 we’ve significantly upgraded our crawl infrastructure—resulting in faster, more reliable, and broader data collection across all key dark web sources crawl throughput has increased by over 3x , vastly expanding our daily data coverage system operations have grown 5x , unlocking greater stability and resilience we’ve removed bottlenecks across forums, markets, blogs, and pastes , positioning us to scale even further this sets a strong foundation for delivering fresher, more complete threat intelligence to customers—faster than ever 📣 improvements to the identifiers experience 📣 release date june 5th, 2025 we’re excited to announce a set of updates to the identifiers page these improvements are designed to make your workflow smoother and more intuitive ✨ what’s new 	• full width table view the identifiers table now spans the entire page for better visibility and easier navigation 	• new creation modal creating new identifiers and groups is now cleaner with a modernized modal interface 	• simplified navigation interactions like opening and browsing identifiers are more intuitive and efficient 	• refreshed layout key actions like search, filter, create, and usage info are easier to find and use 	• bug fixes we’ve also resolved several issues to improve overall performance and reliability 🎯 why it matters this update delivers a cleaner, faster, and more consistent experience when working with identifiers it’s built to help you stay focused, move faster, and feel more in control—so you can get more done with less friction april 2025 🔍 enhanced search & filtering in credentials browser release date april 23, 2025 we’re rolling out a major update to the credentials browser that significantly boosts your ability to explore and manage leaked credentials within your tenant ✨ what’s new search within tenant feed you can now search your credentials by email domain, email, username, password, and url — all directly in the tenant feed advanced filtering options 	• date imported 	• identifier scope 	• source 	• password policy bulk actions quickly remediate or ignore multiple credentials at once with new bulk selection capabilities 🎯 why it matters this update makes triaging and managing credentials far more efficient, giving you faster access to the data that matters most the tenant and global tabs in the credentials browser now offer a consistent experience, streamlining your workflow and boosting operational speed please find more detailed information in our documentation 🕵️ actor profiles release date april 19th, 2025 we've introduced brand new actor profile drawer whenever you click an actor in any event think of it as your quick look dossier for threat actors ✨ what’s new actor profile drawer one click from any event opens a side drawer with everything we already know about that actor—no context switching required activity timeline visualizes spikes in activity over time; the larger the node, the more activity during that period category & date filters easily filter the timeline to focus on specific types of activity or time frames the default source is inherited from the event you clicked switching to all sources can be powerful, but beware identical names across sources don’t always point to the same individual 🎯 why it matters actor profiles are the first step toward richer entity intelligence inside flare 🚀 introducing the new takedown page release date april, 3rd 2025 we’re excited to introduce a dedicated takedown section in flare this new page centralizes our external threat takedown services, helping you reduce risks from malicious domains, leaked code repositories, social media impersonation, and more the streamlined interface makes it easier than ever to submit , manage , and track takedown requests for more details on how the process works, explore the resources available in this section march 2025 🚀 major boost to credential coverage release date march, 25th 2025 we’ve upgraded our credential ingestion engine and just completed a massive import this means you have faster access to leaked credentials, improved coverage, and reduced delays to getting your hands on the data during major leaks what's new faster data ingestion with this release, we’re officially debuting our new automated ingestion system more credentials we’ve just completed a massive ingestion effort, processing 36 billion lines across 850 files while 80–90% of the credentials were already in our database, we expect to extract another billion credentials in a follow up pass increased credential coverage this pipeline can now ingest, validate, and import credentials from nearly any ulp or stealer log source with minimal friction this milestone means faster response times, improved credential coverage, and a scalable ingestion system that’s ready for the next big leak 📊 dashboard filter by identifier scope release date march, 25th 2025 we’ve added the ability to filter the dashboard by identifier scope, so you can now viewthe data by identifier, identifier group, or tenant this will allow for deeper drilling into the data and segmenting to provide clearer, more actionable intelligence 🆕 alert central quick access to alerts via email notifications release date march, 12th 2025 we’ve improved the user experience by adding direct links to specific alerts in email notifications now, when you receive an alert notification by email, you can click a link to open this alert directly in alert central—making it faster and easier to review and edit 🆕 alert central create alerts from the identifiers page release date march, 10th 2025 we’ve brought back the ability to create alerts directly from the identifiers page—now with an improved and more intuitive experience! you can seamlessly create alerts within an identifier, streamlining the process plus, if you don’t have a channel set up yet, you’ll now have the option to create one on the spot all of your alerts and alert channels are still accessible in alert central, making it easier to view, edit, and organize them in one central location february 2025 🚦 new stealer log severity rule release date febuary, 27th 2025 we have added a new severity rule for events that contain stealer log data if highly sensitive file types are found in the stealer log file list we will increase the severity of that event learn more in our understand event severity section 🔄 identifier group moves instant & reliable release date febuary, 20th 2025 we’ve revamped how identifiers move between groups to eliminate data loss, improve speed, and reduce system strain previously, moving an identifier could result in missing events, slow repopulation, and performance issues now, identifiers move seamlessly while retaining all related events what’s new? retain events all past events stay linked to the identifier, even if they are no longer available online instant updates moved identifier feeds update in real time—no more waiting for data to repopulate visual feedback a new indicator highlights when events are being updated after an identifier move this update ensures a smoother, more reliable experience when organizing identifiers within your groups 💬 adding all forum sources for threat flow intel and conversation explorer release date february, 14th 2025 threat flow previously summarized conversations from only 10 high value forums now, we’ve expanded coverage to include all of flare’s forum sources for more comprehensive results what’s new? expanded coverage more results your queries will return a larger volume of insights now that all available forums have been included noise filter we’ve done work on our end to weed out irrelevant conversations and surface only the most relevant discussions—ensuring the content remains informative, even with expanded coverage new sources filter browse by forum even if you haven’t entered a search term yet, you can select a specific forum from the new sources filter this immediately narrows down the results to that forum, making it easier to explore conversations on the fly ✨ question based intelligence release date february, 13th 2025 creating custom intelligence from threat flow is now much easier what’s new? guided intel creation a step by step approach helps you ask the right question and configure your custom intel threat flow handles all the behind the scenes work, so you can focus on what you need preview before finalizing quickly preview your intel output to ensure it’s aligned with your search refine if needed—no more waiting for full generation just to learn it's off target keyword filtering include or exclude specific terms to narrow down conversations threat flow will scan content for these keywords to surface only what matters most to you why it matters? better time management eliminate guesswork by previewing results before finalizing your intel improved relevance guided steps and keyword filters help you zero in on exactly what you need streamlined workflow refine your queries before intel generation, so you can quickly get to insights that matter—without sifting through unnecessary information 🆕 alert central channel status & multiple emails to a channel release date february, 10th 2025 we’re introducing a new feature in alert central channel status ! 🎉 we’ve added channel status to help you monitor your alerting channels and ensure alerts are delivered without issues we are also allowing you to attach multiple emails to one channel what’s new? each alert channel will now display one of three statuses tested connection is verified and working not tested connection hasn’t been checked yet connection failed alerts are not being sent due to an issue why it matters? this update gives you better visibility into your alerting setup, helping you quickly detect and fix connection issues ensure critical alerts reach the right emails 🔔 alert central release date february, 3rd 2025 introducing alert central , flare’s unified alert management system designed to streamline how you configure and track alerts across multiple channels alert central centralizes everything into a single, intuitive interface—boosting efficiency, flexibility, and control here’s what makes alert central stand out unified alert management – view and manage all your alerts and channels in one place, ensuring complete visibility and control flexible channel selection – choose from multiple communication channels, including email, slack, discord, jira configure each channel with custom settings, such as recipient email or webhooks, to fit your team’s workflow tailored alerting strategy – assign alerts to specific channels based on the level of severity with alert central, flare gives you greater control over your alerts, ensuring that critical events reach the right people when it counts january 2025 🔍 introducing a better way to manage your audit logs release date january 28, 2025 we’ve enhanced audit log management to give you more control and flexibility you can now filter logs by type, user, and date , making it easier to track specific activities additionally, we’ve introduced the ability to export logs, ensuring seamless record keeping for your team why it matters having clear and accessible audit logs helps improve transparency, security, and compliance 🔢 new event count visibility release date january 28, 2025 flare users can now see the total number of events linked to an identifier, making it easier to assess activity levels at a glance why it matters with this update, you can quickly gauge activity levels related to a specific identifier, allowing for better monitoring and faster insights 2024/2025 holiday update here are the updates and fixes we implemented during december, including enhancements to streamline workflows and improve usability 🔍 credential browser see related stealer logs you can now quickly identify the stealer log associated with any credential pair by clicking "view events " why it matters this enhancement makes it easier to investigate credentials, saving time and improving incident response efficiency 🌐 identifiers improved subdomain filters we’ve redesigned subdomain property filters with the following options resolves / does not resolve filter subdomains based on dns resolution status is reachable / is not reachable filter subdomains by accessibility why it matters these options provide more control for identifying and managing active subdomains, improving threat surface visibility 🔗 api ignore/remediate events or leaks our api now supports ignoring or remediating events and leaks directly what’s new access the api to programmatically mark events as ignored or remediated documentation api reference – event actions https //api docs flare io/api reference/v4/endpoints/event actions#event actions ignore remediate etc why it matters automating event actions reduces manual intervention, making it easier to scale incident management 🧵 threat flow conversation details & navigation improvements we’ve added new features to streamline navigation in threat flow’s conversation explorer thread tab a dedicated "thread" tab now highlights the part of the conversation that created the event "go to event" links quickly jump to the related event in global search from both the "content" and "thread" tabs why it matters this improvement provides better context for events, reducing the time spent navigating between views and ensuring faster data insights december 2024 🚀 supply chain monitoring page recent improvements release date dec 16, 2024 we're excited to share the latest updates to the supply chain monitoring page ⚡ performance boost the page now loads significantly faster , including all graphs and table results dashboards and table results load simultaneously—no more waiting! smoother scrolling with bigger batches of table results loading at once 🎨 new layout we’ve given the page a fresh look to improve usability and navigation 🔍 bug fixes & enhancements 🎉 the table now displays identifiers found in ransom leak listings directly fixed some incorrect breached date values resolved an issue where false positives flagged the victim as their own supply chain leak addressed missing victim metadata (e g , country, industry) in cases where it should have been displayed 🆕 new data source stealer logs from direct sources release date dec 5, 2024 we’re excited to announce the addition of a new stealer log source to the platform! this is a further enhancement to our telegram stealer log threat intelligence capabilities source name stealer logs from direct sources seamless integration the new source integrates directly into the existing processing pipeline, maintaining consistent functionality and ui across the platform enhanced search compatibility existing queries (e g , metadata source\ stealer logs ) will automatically include this source, bringing the total to four stealer log sources this update ensures you continue to stay ahead of evolving threats with a broader and more diverse data feed 🔍 saved queries in threat flow release date dec 2, 2024 saved queries in threat flow allow you to save a combination of a query and a set of filters when browsing the conversation explorer this feature provides an easy way to revisit, manage, and monitor specific conversations based on your topics of interest saved queries are unique to each tenant what's new save and name your searches for future use automatically apply previously configured queries, filters, and date ranges to conversations in conversation explorer manage your queries with options to rename, update, or delete them use saved queries to more easily create custom intel using the custom intel builder why it matters investigative efficiency quickly return to your most relevant searches without reconfiguring filters or remembering queries stay focused keep track of specific areas of interest, ensuring consistent monitoring of what you deem important november 2024 📊 dashboard and reporting revamp new metrics for enhanced transparency & impact release date nov 27, 2024 we're excited to announce the launch of a fully revamped dashboard and reports this update will retire outdated charts and introduce new, insightful metrics designed to provide clearer, more actionable intelligence what’s coming operational metrics highlighting the events most important for user to action, and allowing users to track month over month performance event severity & growth insights users can now view the number of events by severity , track trends over time, and see metrics on events that have been remediated or ignored this helps prioritize the most severe incidents and observe risk evolution mean time to resolution a detailed metric showing average resolution times by severity enables teams to assess response efficiency and focus on high severity events direct navigation to events clickable cards within “events to resolve” seamlessly route users to relevant events in the feed, streamlining response workflows export & reporting all charts can be exported for reporting, with editable options available within 30 days why it matters increased transparency and credibility with more detailed and relevant metrics, you can better communicate their security posture to stakeholders, showcasing the value flare provides in managing exposure risk simplified user experience outdated charts will be removed, reducing confusion and enhancing focus on valuable insights this dashboard overhaul strengthens flare’s platform by delivering impactful metrics that empower users to act confidently on the most pressing issues 👀 visibility on global search api consumption release date nov 25, 2024 users with access to the global search api to monitor their usage directly, helping them manage api consumption effectively and stay informed about their activity what’s new consumption insights gain real time visibility into your global search api usage, including the number of requests made and remaining quotas quota tracking in api responses the search api response now includes the x flare global searches remaining header, displaying the number of api calls left in your monthly allocation proactive monitoring recommendations to avoid service interruptions or missed events, we recommend implementing monitoring on the x flare global searches remaining header to ensure you stay within your allocated quota ⚠️this feature is available exclusively to users with access to the global search api if you do not currently have access, please contact your customer success manager 🔌 splunk app release date nov 22, 2024 the flare splunk app is available now on splunkbase —designed to empower you with the insights and flexibility needed to secure your environment more effectively what’s new full event ingestion ingest complete flare event content directly into your on premise splunk instance easy configuration a simple setup page within the splunk app allows you to configure your flare api key and tenant id, enabling a hassle free connection comprehensive documentation a step by step guide is included to help you configure and manage the integration, ensuring you’re up and running quickly with minimal support why it matters enhanced workflow integration the flare splunk app ensures you can monitor and act on flare alerts directly from splunk, streamlining workflows for your teams and reducing the need to switch between platforms actionable intelligence by providing full event data, the app enables advanced correlation and automation workflows, helping you respond faster and more effectively to threats on premise flexibility built specifically for on premise splunk environments, this app aligns with enterprise requirements, providing the control and security customers demand 🚀 performance boost 10x faster search release date nov 18, 2024 we’ve revamped our events database, delivering a significant boost in query performance what’s new optimized search logic global search now prioritizes recent data, gradually expanding the search scope over time this means queries with recent results are dramatically faster lightning fast results our tests show 95% of searches now complete in under 1s, a 10x improvement! increased reliability this faster, optimized search logic also greatly inreases the reliability of the platform for all users, as complex searches are now better isolated how it works our database is now time segmented rather than relying on a single massive dataset this enables us to query smaller, relevant subsets of data while maintaining top notch performance—even as our data continues to grow why it matters this enhancement ensures faster, more efficient data access, helping you quickly obtain the insights needed for real time decision making ✨ export intel & threat flow polish release date nov 14, 2024 we’ve made several updates to improve navigation, readability, and the sharing experience in threat flow improved navigation navigating threat flow is simpler with a redesigned tab bar, now featuring intel and conversation explorer tabs this change better highlights each section’s purpose, making it easier to locate the information you need cleaner intel we’ve moved conversation topics out of the intel cards and into the details pane now, topics are clickable—just click any conversation topic from any intel to perform a search in conversation explorer, helping you dive deeper into areas of interest enhanced details pane the details pane has been updated! simplified tab titles make navigation clearer larger font and better spacing for readability an easily accessible export button lets you download intel as a pdf or docx 🔄 performance and consistency updates release date nov 11, 2024 we’ve implemented significant updates to improve coherence and performance event stats consistency stats in the events page’s detail panel now accurately reflect the actual number of visible cards, ensuring consistency and reducing discrepancies when viewing filtered results performance boost event stats and results load faster, particularly when filtering by category or metadata, enhancing overall responsiveness enhanced identifier management when creating or deleting multiple identifiers, users should now experience stable and predictable wait time for event updates these updates streamline the user experience, offering improved accuracy and faster access to event data, especially during high demand tasks 🆕 new emerging source potential stealer logs in alexandria release date nov 8, 2024 we’re excited to announce the launch of potential stealer logs to our emerging sources this source captures "rejected" stealer logs from the traditional pipeline—files that resemble stealer logs but lack critical information or have unsupported layouts this addition ensures that even non standard or incomplete stealer logs are accounted for, enabling more comprehensive threat analysis 🛠️ intel builder release date nov 5, 2024 in threat flow, we’ve added a new way to collect and organize conversations across your searches, making it easier than ever to build intel intel builder you can now add or remove conversations of interest by clicking the + or buttons next to any conversation following a search in threat flow selected conversations are saved to the intel builder , which you can review them anytime by clicking build intel from there, you can either clear the conversations or create a intel, based on your selections the conversations saved to intel builder are stored locally, not based on your current tenant conversations will be wiped if you clear your cache, or switch browsers october 2024 🆕 new emerging sources release date oct 25, 2024 we’re thrilled to announce the introduction of three new emerging sources , bringing new levels of visibility to critical data 1\ pii & unverified leaks what it covers pii breaches (e g , leaked personal information) "unverified" breaches from online sources where the origin is uncertain a breach is considered "verified" when acknowledged by trusted services like haveibeenpwned (hibp) or "official" dark web forum lists example the pii portion of the pureincubation breach 2\ ransomware files what it covers files related to ransomware attacks, such as sensitive documents or operational data these files (and their extracted features) won’t be linked to ransomware events in the platform these will be independent events 3\ other found files what it covers miscellaneous files identified by flare teams that hold investigative value but don’t align with the categories above holistic data coverage provides a deeper dive into emerging threats, with valuable insights from unverified and unconventional sources stay tuned as we roll out these features to keep your security operations one step ahead! 🆕 stealer log text file viewer release date oct 24, 2024 we’re introducing a convenient new feature that lets you view txt files from stealer logs directly in the browser just click the button to open a modal with the file's contents displayed, making it easier to quickly access and review text data 📰 new data source sec 8 k filings for cybersecurity incidents release date oct 16, 2024 we’ve added sec 8 k filings as an emerging source , and is therefore in a 'raw' fomat the vision for this would be for monitoring for material cybersecurity incidents, giving you real time alerts when publicly traded companies report significant breaches proactive third party risk get timely alerts on breaches involving vendors, partners, or suppliers vendor risk management quickly assess and respond to supply chain breaches with contract reviews and security updates impact & compliance support use incident details for impact assessments and stay informed on risks that may affect compliance this feature strengthens visibility into third party cybersecurity risks for proactive and informed decision making 🐞 bug fix event stats consistency release date oct 10, 2024 we’ve resolved an issue on the events page to ensure that category stats, severity scores, and event counts now display coherently across the board enjoy more accurate insights at a glance! 🔍 search by url in credentials browser release date oct 2, 2024, at 10 00 am est we’re excited to launch search by url in the credentials browser, allowing you to quickly locate leaked credentials associated with specific websites what’s new easily search leaked credentials by urls for faster, more targeted investigations why it matters this feature streamlines incident response, improving investigation speed and reducing manual effort for better account protection september 2024 🔑 credential browser enhancements release date sep 27, 2024 we've overhauled the credentials browser to offer more powerful filtering, sorting, and search capabilities credentials are now split into two tabs tenant feed quickly view leaked credentials that match your configured identifiers global search use a search bar to scan flare’s leaked credentials database, with filters for matching dates, sources, and ignored/remediated credentials you can filter credentials based on your organization’s password policy (e g , lack of symbols or length requirements), with both include and exclude options filtered results can be exported for easier reporting and remediation view urls associated with stealer logs/ulps in a new sliding details drawer, with additional search functionality by specific urls 🔒 global search tab update in credentials browser release date sep 24, 2024, at 10 00 am est we’ve updated the global search tab in the credentials browser to improve permissions consistency what’s new users without global search permission will see disabled interactive elements (dropdowns, checkbox, search bar) and a contextual message why it matters aligns global search functionality in credentials browser with the events page, ensuring a consistent experience across the platform ⚡️ threatflow explorer meets custom intelligence release date sep 20, 2024 we’re excited to announce major enhancements to threatflow , allowing for deeper exploration and customization of threat intelligence you can now select individual unit summaries when browsing through explorers and create custom intelligence reports from them when using the detail view in custom intelligence, related unit summaries , related events , and related intelligence are displayed, giving you a fuller context on your findings custom intelligence can now be named, making it easier to organize and categorize your intelligence reports we've improved error handling you won’t be able to create an empty custom intelligence without a name or keywords, and we’ve ensured keyword entries are applied even if you forget to hit enter a sleek new loading animation enhances your experience while custom intelligence reports are being created additionally, the settings copy has been adjusted for better clarity around queries and how selections from theme and industry are processed 🔗 api improvements release date sep 20, 2024 developers, rejoice! we’ve made significant improvements to the flare api, making it easier than ever to integrate with our platform the api documentation has been revamped for better clarity and structure we’ve added new use case guides to help you quickly address specific customer needs released python & go sdks for faster, more flexible integrations simplified endpoints offer a more intuitive user experience, reducing friction for users and developers alike 🚀 improved scalability release date sep 13, 2024 our infrastructure got a serious boost! the scoring engine is now more resilient and scalable, ensuring smooth operations even under heavy workloads the platform will no longer crash when large scale actions (like deleting big batches of identifiers) are performed the scoring engine now scales horizontally, allowing for replication across multiple service instances and dramatically increasing our data ingestion capacity this opens the door to exponential growth without service interruptions here's an updated, more concise release note 📰 new data source financial data release date sept 10, 2024 we've added a new data source focused on financial data, including sites where stolen credit card information is sold this source provides key insights into illicit activity around compromised financial information improved fraud detection gain visibility into compromised financial data to help detect fraudulent activity early proactive threat response use these insights to strengthen defenses against financial security threats this addition bolsters your intelligence capabilities, particularly for teams managing financial security and fraud prevention august 2024 ⚡️ threat flow explorer release date aug 6, 2024 introducing threat flow explorer , flare’s first of its kind transparent generative ai application for dark web research whether you're responding to a major cybersecurity incident or performing routine threat intelligence, threat flow makes your job faster and more efficient by delivering real time summaries of dark web chatter here’s what sets it apart transparency unlike traditional ai models, threat flow gives you a clear look at the raw data (called unit summaries ) used to generate reports, making it easier to trust and verify findings third party validated developed with the econcrime lab at the university of montreal, threat flow’s accuracy was found to be 98% compared to primary dark web research sources fire drill ready when senior leadership needs fast, accurate reports during major incidents (e g , log4j or mgm/scattered spider), threat flow helps cut through the noise and delivers essential insights quickly real time intelligence get up to the minute information on exploits and indicators of compromise (iocs) , giving you time to deploy defenses before these threats are weaponized cybercrime ecosystem research explore the dark web at scale and gain insights into the relationships, tools, and methods used by cybercriminals, providing valuable intelligence for security teams and law enforcement with threat flow, you can research, report, and respond faster than ever 🔑 url login passwords (ulps) release date aug 2, 2024 we’ve enhanced our data collection capabilities with the introduction of url login passwords (ulps) we are now collecting and storing ulps wherever possible, providing deeper insights into compromised credentials 🔔 optional subdomain enumeration now available release date july 16, 2024 we’re excited to introduce optional subdomain enumeration for more streamlined identifier management what’s new default setting subdomain discovery remains enabled by default optional control customers can request access to a new subdomain control panel via customer success, allowing subdomains to appear on a recommended page rather than auto adding to identifiers why this matters this feature helps customers with multiple domains manage identifier limits more effectively by making subdomain enumeration optional free trials subdomain discovery will be disabled by default for trial accounts and show on the recommended page for review july 2024 🎛 tenant level ignore terms release date jul 29, 2024 say goodbye to unnecessary noise in your event logs with tenant level ignore terms this new feature allows you to filter out irrelevant events across your entire tenant, making it easier to focus on the threats that matter most each tenant can now define up to 100 ignored terms , with each policy supporting up to 50 terms tenant level ignored terms help filter out events across all identifiers in the tenant, while identifier level ignored terms filter out events for one identifier feed at a time once an ignore term is added, all future events containing that term will be filtered out, and we can even remove up to 100,000 past events from your logs that match the term rest assured—filtered events won’t trigger alerts, affect stats, or appear in searches within your tenant check out the documentation https //docs flare io/policies for more details and a helpful faq june 2024 📉 footprint chart decommission release date june 12, 2024 to simplify the user experience, we’ve removed the footprint and history charts from the platform these charts will no longer appear on the footprint and history pages, nor can they be added to reports however, you can still access the exposure score graph on the dashboard for relevant insights 🛡 secure access through mfa release date june 10, 2024 we’ve enhanced multi factor authentication (mfa) across the platform to protect sensitive user data and ensure compliance with the new pricing model this includes resolving the api loophole related to bypassing rate limits through password logins 🧠 threat flow data improvements release date june 7, 2024 we’ve added a classifier to threat flow to filter out irrelevant posts, such as simple "thank you" messages, leading to cleaner, more relevant data for analysis this optimization allowed us to integrate six new data sources , including breachforums , bhf io , dread , hacktown , secretforum , and rutor , giving you even more actionable intelligence 🗂 ransomware file improvements release date june 7, 2024 our ransomware file coverage has increased by 40% , and we've added ui/ux improvements, including better support for long file paths and new file types ( 7z and rar) we’ve also added a left side ellipsis for better visibility of important file details and improved tooling for handling ransomware archives 📥 takedown improvements release date june 6, 2024 we’ve revamped the takedown request process to give our customer facing teams more control and flexibility the takedown workflow is now powered by hubspot, providing a seamless ticketing experience that reduces the need for developer involvement may 2024 🔍 search in feeds release date may 30, 2024 searching within your tenant , group , or identifier just got easier! we've added the ability to search specific content across your entire tenant, making it faster to find what you need plus, stats load faster, and remediated/ignored events are now easier to browse and scale april 2024 🎨 ui reskinning (cycles 18 19) release date apr 26, 2024 our flare ui has received a major upgrade, with modernized elements for a cohesive and professional look updates include icons, toolbars, event cards, tables, dashboards, modals, tabs, menus, buttons, and more built on a new design system to support a streamlined and scalable user experience moving forward 🔑 azure tenant identifier type release date apr 25, 2024 introducing the azure tenant identifier for enhanced monitoring behaves similarly to keyword identifiers but includes identifier recommendations links monitored domains to an azure tenant, with related domains automatically suggested ideal for detecting secrets on platforms like github, even when domains aren’t explicitly mentioned 🔒 supply chain ransomware exposure monitoring release date apr 15, 2024 customers with supply chain monitoring permission will now have enriched data and visualization options enhanced data added country , industry , and company size details via people data labs new search bar easily search items within the monitoring table four new widgets top countries, top industries, exposures in the last year, and victims per country map guided onboarding a banner now offers educational onboarding for feature setup victim metadata victim names appear in card titles, and detailed metadata is available in event views this feature is now fully available, with the beta tag removed 📄 threat flow custom reports (early access) release date apr 15, 2024 our custom reports feature is in early access for selected customers and internal users you can generate tailored reports by inputting specific keywords into threat flow, creating customized insights for your needs 🔍 credential browser (beta) release date apr 11, 2024 the credential browser beta is here, making it easier to manage and track leaked credentials convenient browsing interface provides a holistic view of an organization’s leaked credentials ignore/remediate actions ignore entire identity names (e g , emails) or remediate specific credentials for better long term tracking note filtering by password policy will be added in a future update ⚙️ collection tooling improvements release date apr 1, 2024 we’ve streamlined our collection infrastructure for dark web sources simplified source configuration new codehooks make source management cleaner improved coverage around 30 sources were optimized, including cebulka and germania, addressing critical login and data integration issues march 2024 🔐 manage identifier limits at the tenant level release date mar 1, 2024 allows identifier limits to be managed by tenant within an organization, ensuring each tenant has visibility only on their allocated identifiers february 2024 🔒 supply chain ransomware exposure release date feb 27, 2024 enhanced monitoring capabilities to support supply chain ransomware exposure detection , providing critical insights into potential vulnerabilities 📊 reports – improved layouts release date feb 27, 2024 reports received a visual refresh for a cleaner, more professional layout, making data presentation clearer and easier to navigate 🔐 leaked credentials improvements – phase 1 feb 27, 2024 improvements to leaked credential alerts, including new entry tracking and adding tags or notes to leak events phase 2 will add options to ignore or remediate leak items 🔎 new search bar full release feb 29, 2024 a new search bar offers an enhanced event search and filtering experience with improved layout and usability 📢 webhook alert channel release date feb 23, 2024 introducing a generic webhook integration that lets customers receive alerts in any service that supports webhooks, adding flexibility in alerting options ⚡️ threat flow release date feb 26, 2024 threat flow’s latest release focuses on transparency and real time threat intelligence with access to raw data sources for in depth cybersecurity insights 🔐 phishing websites via meta facebook ads release date feb 19, 2024 a new feature that tracks phishing websites promoted via meta facebook ads for improved phishing detection 🔍 stealer log improvements coverage, speed, and ux release date feb 19, 2024 (new logs) | apr 12, 2024 (all logs) stealer logs from the new live pipeline now load faster with enhanced ui for better browsing this ui will be applied to all previous logs in april after re importing ⚙️ api improvements release date feb 19, 2024 we’ve added api usage tracking and rate limiting by organization to improve api security and control additionally, api access permissions can now be managed at the org level