Memory problems

After an update of some components of underlying software, our servers have shown signs of memory leaks. Rolling back will mean detecting less software, so we are currently pushing through with some workarounds.

This problem has the highest priority. Apologies for the slower services.

More scanner nodes and new locations

Things are going well and the total number of assets under monitoring is ever increasing. That means that scanning capacity had to increase too. Unfortunately, this was lagging a bit. Some host and website scans where consistently running behind schedule.

Adding new scanner nodes is a job that only requires a few minutes per node. It's not fully automated (yet), but not really a major hurdle too. What was a challenge is making sure the central database and webservers remain snappy and don't grind to a halt.

The good news: It has been fixed. Besides the extra nodes we've also added extra datacenters: Mumbai (India) and Toronto (Canada) are now scanner node locations too. The extra capacity should kill the backlog in a few days. If not we'll be adding extra nodes again later this week.

Shodan integration

As of this week, you can use you Shodan account to enrich your ShadowTrackr results.

The big difference with ShadowTrackr is that Shodan scans a large part of the hosts on internet and mostly focuses on ICS and IoT. So if Shodan scans a host, there will be more ports scanned and more port data available than you get from a ShadowTrackr scan. ShadowTrackr scans all your assets and all related infrastructure (not the entire internet) and tracks your historic data. So, in short: ShadowTrackr is more suited for discovering and monitoring your entire attack surface, Shodan is more suited for in-depth port scans and ICS/IoT. If you need more port data or expect to find ICS/IoT, then enabling the Shodan integration is useful.