A lot moved in May. ThreatSpike product updates this month spanned almost every corner of the platform, and a good few the community has been asking for. From port scanning in automated recon, to PDF imports into the Knowledge Base – the list covers a lot of ground. Below is everything that shipped, what it does, and what’s been fixed.
New ThreatSpike Product Updates This Month
Automated Recon: Port Scanning
The automated reconnaissance module now includes full port scanning, giving you a richer, more complete picture of your attack surface alongside scheduler integration. We’ve also refreshed the UI while we were at it.
Email Gateway: Quarantine Messaging
If you’ve ever hit that ‘not authorised’ screen on the email quarantine page and had no idea what to do next – that’s fixed. The portal now shows a clear message when you arrive via an expired digest link, pointing you straight to your most recent one.
Support for Secondary Domains
You can now request additional domains for your account. Your team gets the flexibility to register and sign in using email addresses across multiple domains on a single ThreatSpike Wire account.
Database Monitoring: At-a-Glance
No more clicking into every job individually to check alert settings. The Configured Jobs table in Service > Job Monitoring now has an Alerts Enabled column, so you can see at a glance which jobs have failure alerts turned on.
Knowledge Base: PDF Importer
Upload up to 10 PDFs directly into the Knowledge Base and the platform converts them into structured Blueprints automatically. If you close the tab or refresh mid-import, it picks up exactly where it left off.
Asset Inventory: UIDs and Direct Links
You can now define a unique identifier (UID) field in your asset schema, making it straightforward to tag and track individual assets without duplicates. Once a UID is assigned, hit the new Copy Link button on the Asset View page to grab a shareable URL that takes anyone directly to that asset. You can also search for any asset in the query bar using show asset <asset_id>.
PBX Hunt Groups
The ThreatSpike phone system now supports Hunt Groups. When a call comes in, the system works through a sequence of destinations in order; if the first doesn’t pick up within the configured timeout, it moves to the next, with a fallback destination if none respond. Granular control over call routing, and no call goes unanswered.
Service Rerouting
Our team can now dynamically reconfigure network services within the platform. If our standard endpoints are unreachable from your environment, we can reroute your service to an alternative port or IP address quickly, without disruption on your end.
Ticketing: Teams, Followers and Approval Process
Several interconnected ticketing features have gone live together this month:
Ticketing Teams: Create Teams within your ticket channels to streamline triage and keep things moving. Assign and filter tickets by team for a cleaner workflow, and use Private teams to keep sensitive tickets visible only to the right people.
Ticket Followers: Follow any ticket to receive email updates without being assigned to it. Unfollow whenever it stops being relevant to you.
Ticket Approval Process: Tickets now have a built-in approval flow. Mark a comment as requiring sign-off and designated approvers can accept or reject it directly on the ticket. The ticket can still be updated while approval is pending, and its SLA pauses until a decision is made.
Other Improvements and Fixes
Improvements:
- Email Gateway: Increased timeouts for sending and receiving mail, resolving delivery issues caused by slow or overloaded recipient mail servers.
- Email Gateway: Improved handling of delivery failure notifications to prevent message loops from forwarding rules on recipient mailboxes.
- Email Gateway: The platform now always shows who released an email, including releases made manually outside the standard review process.
- Web Firewall (WAF): The WAF now supports rewriting the WebSocket Origin header, resolving compatibility issues with web applications that validate WebSocket connections against their backend domain.
- Database Monitoring: Timestamps in Service > Job Monitoring now display in UTC.
- Graph Security API: Alert severity is now shown in the incident description.
- Network Management: RTT measurements are more accurate, and SSH connectivity is now compatible with a wider range of devices and vendors.
- Forms: Borders added to grouped content for easier reading and navigation.
- Ticketing: New filters added for time window, assignee, and team, plus new charts and categories including priority, creation, and close by.
- Ticketing: Automatic replies can now include the ticket link and sender name.
- Ticketing: Keywords can be added to a blocklist to prevent emails. containing them from raising tickets.
- Ticketing: Small improvements to capturing email conversation history.
Bug Fixes:
- Report Filters: Fixed pre-selected report filters not rendering when clicking “Edit” on an individual report.
- Productivity Reports: Fixed incorrect durations in exported CSV reports.
- Microsoft Office recognition: Fixed Microsoft Office 2024 versions displaying as “None” under the show Microsoft office versions query.
- Custom Web Notification Templates: Fixed a bug that prevented them from being deleted
Not using ThreatSpike yet? Book your free demo with one of our expert consultants to see all these features and more, in action.
