We update this page regularly with improvements and updates about our platform. If you have questions about Echosec and our products, please feel free to contact us.
Once users have started monitoring for assets in the new risk portal, their dashboard now displays results metrics. This includes a graph of new asset matches over time, as well as a threat distribution tile to map threat types discovered:
The risk portal also supports a new asset type: IIN / BIN. This asset type is used to find compromises related to a user’s issuer or bank identification numbers:
New data provider: Whatsapp
Beacon customers now have access to public Whatsapp text data. Whatsapp post results will appear under the “Deep Web” tab and can be filtered under Advanced Search > Data Sources.
New Cross-Product Navigation Bar
The Echosec Systems Platform now has a cross-product navigation bar on the left, allowing users to easily pivot between Echosec, Beacon, their account Settings, and the new API Knowledge Base (more on this below).
From the new navigation bar, Beacon users will also be able to access our new asset monitoring system through the risk portal (more on this also below).
Introducing our new API Knowledge Base!
Echosec Systems customers now have access to an in-Platform Knowledge Base to learn more about our API. Users can view API documentation and case studies and build sample queries in the API Explorer to test its capabilities. Existing API customers can also generate API tokens and monitor their usage within the Knowledge Base.
Introducing our new asset monitoring system!
Beacon customers can now navigate to a risk portal from the left navbar, which allows users to input a customized portfolio of their organizations’ digital assets. The asset system will then monitor Beacon’s data feeds in real-time for indicators of risk to these assets. Visit our Knowledge Base for more information on how to get started.
Beacon customers also now have access to a threat tagging feature within the asset monitoring system. This feature uses proprietary machine learning algorithms to automatically detect and classify content within eight distinct threat categories, including identity hate and data disclosure:
Through the new navbar, Beacon customers can also update their account login information, view and invite new members to their organization, and monitor their monthly search usage under Settings.
Echosec users will now find their new and improved Settings pages through the cross-product navbar on the left:
When Beacon users flag posts of interest, those posts are now retained under the “Flagged” tab for a user’s entire session. This prevents flagged posts from being cleared between searches.
Beacon also has improved support for username-only accounts—users without an email address associated with their account can now export posts.
In a Saved Search, users can now flag posts of interest and sort them separately under the “View By” menu:
Users can also export only flagged posts from a Saved Search and select which data points (post columns) to include in the export. These columns match those in a Quick Search export, allowing users to easily compare data points between their CSV files.
Beacon results crawled from a social board or group now show the post’s group, board, chat, or subreddit name in the post result metadata:
Echosec now has improved support for user-name only accounts, including a new secure password reset option and the ability to download larger file sizes within the browser.
Echosec Pro users can also now export Quick Search results.
Users can now “Load More” at the bottom of a post detail in the Social or Documents tabs to view up to 15,000 characters in more lengthy post results:
When running a Quick Search, users can now flag posts of interest and select the flag icon under “View By” to filter flagged posts in the dashboard:
When exporting Quick Search results, users also have the option to export only these flagged results, or all Quick Search results. Exported CSV results now have a timezone header so users can more easily troubleshoot the post’s creation time.
New tab: Breaches
Beacon now allows users to search from over 10 billion records (and growing) of publicly-available leaked data repositories. These repositories are continuously refreshed as new breach events are discovered, allowing users to better detect leaks implicating their organization.
The Breaches tab is automatically queried when users run a search, showing any breached entities matching their search parameters.
When users view results for Gab, 4Chan, and 2Channel.moe, they also now see the post’s subnetwork (board title or group) in Beacon’s post metadata:
Echosec Quick Search results are now retained and marked as “read” when you save a search and view posts for that Saved Search.
Echosec users will also start receiving email notifications when their data usage reaches 50% and 90% of their monthly limits for searches and posts. This will give customers an opportunity to pause or adjust parameters on high-volume searches to avoid reaching usage limits.
New Documents Data Feed: PasteFS
PasteFS is a paste site where users can publicly share text, images, or document files. This differentiates it from other paste sites, such as Pastebin, which only allows text sharing. PasteFS admin does not actively monitor posts, making it a useful data source for nefarious content.
New Feature: Post Export
Beacon now allows users to flag posts of interest and export this data in CSV format. This enables users to retain specific content to facilitate further investigation, share with their team, or retain as evidence. Flagged results also appear in a separate “Flagged” tab to help users navigate through results more efficiently.
New Feature: Quick Search Keyword Translation
Users can now translate any keywords entered into the Echosec Quick Search field. Users can choose from 103 supported languages when translating, powered by Google Translate:
New social data feed: 2channel.moe
2channel.moe is an anonymous Russian imageboard site that functions similarly to 4chan. The site is hosted on the dark web, as it is blocked in Russia. Users post about a variety of topics—including politics, sharing Tor links, and technology discussions.
Beacon users can also now copy any highlighted entities in Beacon by hovering over the text, and pivot on post detail metadata, such as the site URL:
Beacon’s search results view now has a Documents tab in addition to Dark Web, Deep Web, and Social tabs:
Paste sites, which allow users to publicly share blocks of plain text, are commonly used to publish breached data. Documents separates data crawled from two paste sites, DeepPaste (dark web) and Pastebin (deep web), to give users better access to breached data sources. DeepPaste and Pastebin are also available in the Data Sources advanced search filter.
For more information about paste sites, check out our recent blog article.
Beacon now gathers public social media data in addition to information from dozens of existing sources, including messaging apps, dark web marketplaces, and more. New social media providers include:
- Gab: a social media network formatted similarly to Twitter and known for its far-right user base. The site has reported over 1 million active accounts since its 2017 launch and has become a valuable source of threat intelligence as a platform for extremist views and radicalization.
- Mastodon: a decentralized microblogging social platform similar to Twitter. The site has a varied user base with over 3.5 million accounts and allows text, video, and image sharing.
- Reddit: the 5th most visited site in the US, Reddit is a popular social news, content rating, and discussion forum site where users remain pseudonymous. Reddit is divided into communities called subreddits, which cover just about any topic within the site’s user policy.
- Raddle: a web-based forum where users share pictures, discussions, and links. Raddle sets itself apart from other centralized platforms by eliminating tracking, ads, user-profiling, and data or IP address collection/sharing.
- 4chan: An imageboard site containing a wide range of topics. Like many imageboards, the site is populated with subcultures and controversial activist groups, such as the alt-right. 4chan threads also expire from the site after a short amount of time, making its content structure unique from other imageboards.
- 8kun: The successor of 8chan, an anonymous forum populated with extremist users and hate speech. After three 8chan-linked mass-shootings, the popular board was taken offline in August 2019. In November of 2019, the board was controversially rebranded and launched as 8kun on the dark web.
- Endchan: An imageboard or "chan" site similar to other well-known imageboards like 4chan and the former 8chan. The site describes itself as "an anonymous imageboard that promotes ideas over identity."
Advanced Search filters have also been updated, and new social media providers are included under the Data Sources filter.
Beacon’s search results are now separated by Dark Web, Deep Web, and Social tabs:
Dark web results require special tools, such as a Tor browser, to access, while Deep Web and Social results can be accessed in a regular browser.
New data providers: Gab and Mastodon!
Echosec now retrieves data from Gab in keyword and author searches. Gab is a social media network formatted similarly to Twitter and known for its far-right user base. The site has reported over 1 million active accounts since its 2017 launch and has proven to be a valuable source of threat intelligence as a platform for extremist views.
Mastodon is a microblogging social platform similar to Twitter and supports keyword and author searches within Beacon. The site has a varied user base and allows text, video, and image sharing. Mastodon has over 3.5 million user accounts.
Critical online data exists in all areas of the internet, not just the dark web.
With Beacon, we gather information from dozens of sources from discussions, messaging apps, dark web marketplaces and more. Results returned in Beacon are now separated by Darknet and Clearnet tabs. Darknet results require special tools, such as a Tor browser, to access, while Clearnet results include deep web content that can be accessed in a regular browser.
Users are now notified if their searches contain unbalanced quotations or lowercase ANDs or ORs (to indicate Boolean logic).
Beacon now loads 20 initial search results instead of 10. This does not count as an additional search towards the user’s usage limit.
The Beacon entities bar list, which allows users to navigate quickly to highlighted information in post results, is updated—users can now also navigate to authors, external links, and IP addresses.
Beacon has a new pivoting feature: select highlighted entities to open a new search window and discover post results for that entity. Use this feature to find more posts linked to an author or personally identifiable information such as phone numbers and emails.
Beacon also has two new search filters. Search for posts by author by entering usernames or handles as a keyword:
Search for posts by phone number by entering one or more phone numbers as a keyword:
Both Echosec and Beacon were rebranded this month! Users will notice a new Beacon logo and login page design, as well as updated brand colours for both platforms.
Users can now pause, resume, hide, and show saved searches from the updated Search Streams view. Searches that have been paused or hidden will appear in their own columns to the right of all active or unhidden searches.
Display improvements were made to make small screen navigation easier.
Users can now access the announcement center, help, Echosec, and logout from the Beacon home page navigation bar. We've also incorporated feedback in Beacon’s Search Builder to ensure input like email and IP addresses are entered correctly.
Users can now pause individual saved searches by selecting “Pause Search.” This allows users to limit their account usage without deleting a saved search.
Echosec will begin retrieving new saved search data after selecting “Resume Search” from the same menu. Paused searches become highlighted in grey, move to the bottom of Saved Searches, and are removed from the Search Streams view.
Posts opened under saved searches are now automatically marked as “read.” This makes it easier for users to keep track of viewed posts without manually marking them. Users can still manually mark individual or all posts in a saved search as “read.”
Data providers such as Twitter prohibit searches using keywords that violate their acceptable use policy. Echosec now notifies users when blacklisted keywords have been entered in a search.
The Advanced Search Builder has been released! Beacon users can now choose which category they would like to search in, such as marketplaces, discussions, or data breaches.
Echosec has a new data provider: Raddle.me. Raddle.me is an online forum, similar to Reddit where users up or down-vote posts, which are sorted into categories based on topic. Note that new data feeds must be added to previously-saved searches to be included in results.
Users can also now delete individual posts from their saved search streams. When viewing a saved search, select individual posts using the check box in the bottom left of the post, or select all using the button at the top of the screen. You'll then see the option to delete in the top toolbar.
Beacon now has object detection! Beacon users can now find relevant posts by image as well as text.
Several new search filters have been added:
- The “site name” filter will allow searching for darknet sites that often have complex URLs that are difficult to remember or recognize.
- The “site type” filter will help with easy filtering of posts based on the site’s type (marketplace, chat, blog, etc).
- New advanced filter - “Minimum email count” helps users find posts that are more likely to be dumps of personally identifiable information by specifying the minimum number of email addresses that should appear in the post.
Central Notification Center: Echosec users can now change their email notifications for multiple searches from a central notification page.
New Announcement Center for both platforms! Echosec and Beacon users can now click the bell icon in the top toolbar of either platform to view a feed including new feature announcements, breaking news, and posts from our blog.
In April, we improved our pre-built search filter system so users get more relevant information and more accurate object detection.
We also made our notification destinations more flexible to users needs. Now there are more options for how users receive their email notifications.
There have also been some slight changes in wording around how to view saved searches.
Users will notice some slight design upgrades in Beacon, as well as minor changes in wording.
We've also made it easier for users to apply boolean logic to their searches by adding a sample view of accepted operators, (like OR, AND, NOT).
More exciting changes to both platforms in our May update. Stay tuned!
In March, we added our newest data provider, Telegram.Telegram is an instant messaging, voice, and video messaging service, often compared to Whatsapp. Read the blog post to learn more about Telegram.
Teams are now Organizations. With organizations, account owners can view all members of their organization, invite, and remove members.
Echosec users can now view their data usage as an organization or an individual user. We've built graphs and trend lines to help users visualize and manage their usage.
We have added pre-built search filters to the platform. Now, when users set up their searches, they can choose from a variety of pre-built filters to help them monitor for specific keywords. Pre-built filters include keywords relevant to positive or negative sentiment, violent incidents, natural disasters and more.
We improved our in-app chat service! Users can now chat with Echosec customer support in real time.
In Beacon, we added the functionality to do an advanced networks search - allowing users to search content from specific networks such as TOR, Zeronet, Telegram, Discord, and more.
We added a translate button so users can quickly translate post content.