Data and core infra moved to Germany

If things feel a little different when you access ShadowTrackr today, that might be cause the core infrastructure and data are in Germany now. This weekend the migration was completed. It was quite the operation, but I'll not go into it because it tends to get a bit boring to read about.

The point was to get the data in the EU. And not only have the data and servers moved, we also switched from an American to a German hosting company. We're following the calls to reduce dependencies outside the EU. That still means anyone from outside the EU is welcome to use ShadowTrackr of course.

The scanner nodes have not migrated yet. The are spread all over the world as we need them to be and still at the old hosting company. Most of them, perhaps all, will migrate too.

New: Censys and Shadowserver integrations

Two new integrations, and an update for the existing one (Shodan). These integrations allow you to enrich and import data into ShadowTrackr. For now they are mostly used for discovery and host data. Shadowserver has useful alerts too, and a next version of the integration might import these too.

Censys and Shodan are different than ShadowTrackr. These platforms widely scan the entire internet, and so might pick-up an asset that ShadowTrackr has missed. ShadowTrackr scans your organization in-depth (and not just the hosts and websites), maintains history, and has more reporting options. They are different tools that nicely complement each other. You can configure how often checks are done, so you can stay in control of the credits you have on Censys and Shodan.

If you have Shadowserver credentials and want to configure the integration, please check first if you receive their reports for just your assets or for other organizations too. If you run a CERT for an industry, you're likely to receive reports on the entire industry. If you are in law enforcement, you'll receive data on your entire jurisdiction. In those cases you'll want to tick the "no_suggestions" box on the Shadowserver configuration page in ShadowTrackr. If you don't do that, all assets that are not recognized as yours will be added as suggestions. This an run in the thousands.

Updated detections, and work on new integrations

Some updated detections have gone live this week.

Also, a bigger update is on the way: the Shodan plugin is being updated, and Censys and Shadowserver integrations are currently in test. They might just go live in the next update round :-)