Releases

33min

Welcome to Flare's Release Notes page, where you’ll find the latest updates, features, and improvements we’ve rolled out to enhance your cybersecurity experience. Our mission is to empower security teams with cutting-edge tools and insights to defend against emerging threats. Whether it's new AI-powered capabilities, enhanced reporting options, or critical bug fixes, each release is designed to make threat intelligence more actionable, intuitive, and efficient. Explore how our constant innovations can help you stay one step ahead in the evolving cyber landscape!

October 2024

🆕 Stealer Log Text File Viewer

Release Date: Oct 24, 2024

We’re introducing a convenient new feature that lets you view .txt files from stealer logs directly in the browser. Just click the button to open a modal with the file's contents displayed, making it easier to quickly access and review text data.



The file viewer can be found in the sidebar
The file viewer can be found in the sidebar


📰 New Data Source: SEC 8-K Filings for Cybersecurity Incidents

Release Date: Oct 16, 2024

We’ve added SEC 8-K filings as an emerging source, and is therefore in a 'raw' fomat. The vision for this would be for monitoring for Material Cybersecurity Incidents, giving you real-time alerts when publicly traded companies report significant breaches.

  • Proactive Third-Party Risk: Get timely alerts on breaches involving vendors, partners, or suppliers.
  • Vendor Risk Management: Quickly assess and respond to supply chain breaches with contract reviews and security updates.
  • Impact & Compliance Support: Use incident details for impact assessments and stay informed on risks that may affect compliance.

This feature strengthens visibility into third-party cybersecurity risks for proactive and informed decision-making.

🐞 Bug Fix: Event Stats Consistency

Release Date: Oct 10, 2024

We’ve resolved an issue on the Events page to ensure that category stats, severity scores, and event counts now display coherently across the board. Enjoy more accurate insights at a glance!

🔍 Search by URL in Credentials Browser

Release Date: Oct 2, 2024, at 10:00 AM EST

We’re excited to launch Search by URL in the credentials browser, allowing you to quickly locate leaked credentials associated with specific websites.

  • What’s New: Easily search leaked credentials by URLs for faster, more targeted investigations.
  • Why It Matters: This feature streamlines incident response, improving investigation speed and reducing manual effort for better account protection.

September 2024

🔑 Credential Browser Enhancements

Release Date: Sep 27, 2024

We've overhauled the Credentials Browser to offer more powerful filtering, sorting, and search capabilities:

  • Credentials are now split into two tabs:
    • Tenant Feed: Quickly view leaked credentials that match your configured identifiers.
    • Global Search: Use a search bar to scan Flare’s Leaked Credentials Database, with filters for matching dates, sources, and ignored/remediated credentials.
  • You can filter credentials based on your organization’s password policy (e.g., lack of symbols or length requirements), with both include and exclude options.
  • Filtered results can be exported for easier reporting and remediation.
  • View URLs associated with Stealer Logs/ULPs in a new sliding details drawer, with additional search functionality by specific URLs.

🔒 Global Search Tab Update in Credentials Browser

Release Date: Sep 24, 2024, at 10:00 AM EST

We’ve updated the Global Search Tab in the Credentials Browser to improve permissions consistency.

  • What’s New: Users without global search permission will see disabled interactive elements (dropdowns, checkbox, search bar) and a contextual message.
  • Why It Matters: Aligns Global Search functionality in Credentials Browser with the Events page, ensuring a consistent experience across the platform.

⚡️ ThreatFlow: Explorer Meets Custom Intelligence

Release Date: Sep 20, 2024

We’re excited to announce major enhancements to ThreatFlow, allowing for deeper exploration and customization of threat intelligence:

  • You can now select individual Unit Summaries when browsing through Explorers and create Custom Intelligence reports from them.
  • When using the Detail View in Custom Intelligence, related Unit Summaries, Related Events, and Related Intelligence are displayed, giving you a fuller context on your findings.
  • Custom Intelligence can now be named, making it easier to organize and categorize your intelligence reports.
  • We've improved error handling: you won’t be able to create an empty Custom Intelligence without a name or keywords, and we’ve ensured keyword entries are applied even if you forget to hit enter.
  • A sleek new loading animation enhances your experience while Custom Intelligence reports are being created.

Additionally, the Settings copy has been adjusted for better clarity around queries and how selections from Theme and Industry are processed.



🔗 API Improvements

Release Date: Sep 20, 2024

Developers, rejoice! We’ve made significant improvements to the Flare API, making it easier than ever to integrate with our platform:

  • The API documentation has been revamped for better clarity and structure.
  • We’ve added new use-case guides to help you quickly address specific customer needs.
  • Released Python & Go SDKs for faster, more flexible integrations.
  • Simplified endpoints offer a more intuitive user experience, reducing friction for users and developers alike.

🚀 Improved Scalability

Release Date: Sep 13, 2024

Our infrastructure got a serious boost! The Scoring Engine is now more resilient and scalable, ensuring smooth operations even under heavy workloads:

  • The platform will no longer crash when large-scale actions (like deleting big batches of identifiers) are performed.
  • The Scoring Engine now scales horizontally, allowing for replication across multiple service instances and dramatically increasing our data ingestion capacity. This opens the door to exponential growth without service interruptions.

August 2024

⚡️ Threat Flow Explorer

Release Date: Aug 6, 2024

Introducing Threat Flow Explorer, Flare’s first-of-its-kind transparent generative AI application for dark web research. Whether you're responding to a major cybersecurity incident or performing routine threat intelligence, Threat Flow makes your job faster and more efficient by delivering real-time summaries of dark web chatter. Here’s what sets it apart:

  • Transparency: Unlike traditional AI models, Threat Flow gives you a clear look at the raw data (called Unit Summaries) used to generate reports, making it easier to trust and verify findings.
  • Third-Party Validated: Developed with the EconCrime Lab at the University of Montreal, Threat Flow’s accuracy was found to be 98% compared to primary dark web research sources.
  • Fire Drill Ready: When senior leadership needs fast, accurate reports during major incidents (e.g., Log4J or MGM/Scattered Spider), Threat Flow helps cut through the noise and delivers essential insights quickly.
  • Real-Time Intelligence: Get up-to-the-minute information on exploits and indicators of compromise (IOCs), giving you time to deploy defenses before these threats are weaponized.
  • Cybercrime Ecosystem Research: Explore the dark web at scale and gain insights into the relationships, tools, and methods used by cybercriminals, providing valuable intelligence for security teams and law enforcement.

With Threat Flow, you can research, report, and respond faster than ever.

🔑 URL-Login-Passwords (ULPs)

Release Date: Aug 2, 2024

We’ve enhanced our data collection capabilities with the introduction of URL-Login-Passwords (ULPs).

  • We are now collecting and storing ULPs wherever possible, providing deeper insights into compromised credentials.

🔔 Optional Subdomain Enumeration Now Available

Release Date: July 16, 2024

We’re excited to introduce Optional Subdomain Enumeration for more streamlined identifier management.

What’s New:

  • Default Setting: Subdomain discovery remains enabled by default.
  • Optional Control: Customers can request access to a new subdomain control panel via Customer Success, allowing subdomains to appear on a recommended page rather than auto-adding to Identifiers.

Why This Matters: This feature helps customers with multiple domains manage identifier limits more effectively by making subdomain enumeration optional.

Free Trials: Subdomain discovery will be disabled by default for trial accounts and show on the recommended page for review.

July 2024

🎛 Tenant-Level Ignore Terms

Release Date: Jul 29, 2024

Say goodbye to unnecessary noise in your event logs with Tenant-Level Ignore Terms. This new feature allows you to filter out irrelevant identifiers across your entire tenant, making it easier to focus on the threats that matter most.

  • Each tenant can now define up to 100 ignored terms, with each policy supporting up to 50 terms.
  • Tenant Ignored Terms help filter out events across all identifiers in the tenant, while Identifier Blacklists work for individual identifiers.
  • Once an ignore term is added, all future events containing that term will be filtered out, and we can even remove up to 100,000 past events from your logs that match the term.
  • Rest assured—filtered events won’t trigger alerts, affect stats, or appear in searches within your tenant.

Check out the documentation for more details and a helpful FAQ.

June 2024

📉 Footprint Chart Decommission

Release Date: June 12, 2024

To simplify the user experience, we’ve removed the Footprint and History charts from the platform. These charts will no longer appear on the Footprint and History pages, nor can they be added to reports. However, you can still access the Exposure Score graph on the Dashboard for relevant insights.

🛡 Secure Access through MFA

Release Date: June 10, 2024

We’ve enhanced Multi-Factor Authentication (MFA) across the platform to protect sensitive user data and ensure compliance with the new pricing model. This includes resolving the API loophole related to bypassing rate limits through password logins.

🧠 Threat Flow Data Improvements

Release Date: June 7, 2024

We’ve added a classifier to Threat Flow to filter out irrelevant posts, such as simple "thank you" messages, leading to cleaner, more relevant data for analysis.

This optimization allowed us to integrate six new data sources, including BreachForums, BHF_io, Dread, Hacktown, SecretForum, and Rutor, giving you even more actionable intelligence.

🗂 Ransomware File Improvements

Release Date: June 7, 2024

Our ransomware file coverage has increased by 40%, and we've added UI/UX improvements, including better support for long file paths and new file types (.7z and .rar). We’ve also added a left-side ellipsis for better visibility of important file details and improved tooling for handling ransomware archives.

📥 Takedown Improvements

Release Date: June 6, 2024

We’ve revamped the Takedown Request process to give our customer-facing teams more control and flexibility. The takedown workflow is now powered by HubSpot, providing a seamless ticketing experience that reduces the need for developer involvement.

May 2024

🔍 Search in Feeds

Release Date: May 30, 2024

Searching within your Tenant, Group, or Identifier just got easier! We've added the ability to search specific content across your entire tenant, making it faster to find what you need. Plus, stats load faster, and remediated/ignored events are now easier to browse and scale.

April 2024

🎨 UI Reskinning (Cycles 18-19)

Release Date: Apr 26, 2024

Our Flare UI has received a major upgrade, with modernized elements for a cohesive and professional look:

  • Updates include icons, toolbars, event cards, tables, dashboards, modals, tabs, menus, buttons, and more.
  • Built on a new design system to support a streamlined and scalable user experience moving forward.

🔑 Azure Tenant Identifier Type

Release Date: Apr 25, 2024

Introducing the Azure Tenant Identifier for enhanced monitoring:

  • Behaves similarly to keyword identifiers but includes identifier recommendations.
  • Links monitored domains to an Azure tenant, with related domains automatically suggested.
  • Ideal for detecting secrets on platforms like GitHub, even when domains aren’t explicitly mentioned.

🔒 Supply Chain Ransomware Exposure Monitoring

Release Date: Apr 15, 2024

Customers with Supply Chain Monitoring permission will now have enriched data and visualization options:

  • Enhanced Data: Added Country, Industry, and Company Size details via People Data Labs.
  • New Search Bar: Easily search items within the monitoring table.
  • Four New Widgets: Top countries, top industries, exposures in the last year, and victims per country map.
  • Guided Onboarding: A banner now offers educational onboarding for feature setup.
  • Victim Metadata: Victim names appear in card titles, and detailed metadata is available in event views.

This feature is now fully available, with the Beta tag removed.

📄 Threat Flow Custom Reports (Early Access)

Release Date: Apr 15, 2024

Our Custom Reports feature is in early access for selected customers and internal users. You can generate tailored reports by inputting specific keywords into Threat Flow, creating customized insights for your needs.

🔍 Credential Browser (BETA)

Release Date: Apr 11, 2024

The Credential Browser BETA is here, making it easier to manage and track leaked credentials:

  • Convenient Browsing Interface: Provides a holistic view of an organization’s leaked credentials.
  • Ignore/Remediate Actions: Ignore entire identity names (e.g., emails) or remediate specific credentials for better long-term tracking.

Note: Filtering by password policy will be added in a future update.

⚙️ Collection Tooling Improvements

Release Date: Apr 1, 2024

We’ve streamlined our collection infrastructure for dark web sources:

  • Simplified Source Configuration: New codehooks make source management cleaner.
  • Improved Coverage: Around 30 sources were optimized, including Cebulka and Germania, addressing critical login and data integration issues.

March 2024

🔐 Manage Identifier Limits at the Tenant Level

Release Date: Mar 1, 2024

Allows identifier limits to be managed by tenant within an organization, ensuring each tenant has visibility only on their allocated identifiers.

February 2024

🔒 Supply Chain Ransomware Exposure

Release Date: Feb 27, 2024

Enhanced monitoring capabilities to support supply chain ransomware exposure detection, providing critical insights into potential vulnerabilities.

📊 Reports – Improved Layouts

Release Date: Feb 27, 2024

Reports received a visual refresh for a cleaner, more professional layout, making data presentation clearer and easier to navigate.

🔐 Leaked Credentials Improvements – Phase 1

Feb 27, 2024

Improvements to leaked credential alerts, including new entry tracking and adding tags or notes to leak events. Phase 2 will add options to ignore or remediate leak items.

🔎 New Search Bar

Full Release: Feb 29, 2024

A new search bar offers an enhanced event search and filtering experience with improved layout and usability.

📢 Webhook Alert Channel

Release Date: Feb 23, 2024

Introducing a generic webhook integration that lets customers receive alerts in any service that supports webhooks, adding flexibility in alerting options.

⚡️ Threat Flow

Release Date: Feb 26, 2024

Threat Flow’s latest release focuses on transparency and real-time threat intelligence with access to raw data sources for in-depth cybersecurity insights.

🔐 Phishing Websites via Meta Facebook Ads

Release Date: Feb 19, 2024

A new feature that tracks phishing websites promoted via Meta Facebook Ads for improved phishing detection.

🔍 Stealer Log Improvements: Coverage, Speed, and UX

Release Date: Feb 19, 2024 (new logs) | Apr 12, 2024 (all logs)

Stealer logs from the new live pipeline now load faster with enhanced UI for better browsing. This UI will be applied to all previous logs in April after re-importing.

⚙️ API Improvements

Release Date: Feb 19, 2024

We’ve added API usage tracking and rate limiting by organization to improve API security and control. Additionally, API access permissions can now be managed at the org level.