Ignoring assets

Some of the bigger clients have infrastructure of which they only want to monitor a subset. For domains with many subdomains this has been available for a while. It wasn't really the most usable or logical solution, but it worked. And then a new problem surfaced.

ShadowTrackr picked up about 1400 docker containers on a particular subdomain. These were not really important to the client and messages about the docker instances started crowding out the important ones on the timeline. Ignoring this meant clicking 1400 checkboxes to start, and then manually tracking all new hosts as the are generated. The client of course requested a feature to ignore an entire subdomain.

I took the opportunity to redesign the ignore filter. The new version will give you a better overview, is available for all domains (including those with only a few subdomains or hosts) and supports automatically ignoring anything found on a subdomain. If, for instance, you want to ignore all hosts under docker.shadowtrackr.com, you:

• add the subdomain under assets
• click on the + sign after adding
• click on the filter link right next to it
• tick the box to ignore subdomains for it
• save the new settings

You will be able to see all newly found urls for the subdomain under ignored assets, but no messages about these will appear on your timeline. Be careful to only ignore assets that do not create risks for you. If you do ignore something your business partners or clients consider yours, this might blow up in your face when you miss a security warning.

Ignoring not only urls but also ips is still on the todo list. This will be added next.