Threat Command Release Notes

This document is no longer updated as of May 23, 2025. Read new release notes in the Command Platform Help.

This release provides additional support from our remediation services, auto-enabled terms of service, new Ransomware-Blog-Scraper sources, as well as various fixes.

This release provides a new Darkweb source, a policy rule for Botnets type alerts, as well as various improvements and fixes.

This release provides a new Trusted Source, a new Darkweb source, InsightVM multi-tenancy support, password encryption, as well as an improvement to scraping infrastructure.

This release provides a new release of the IBM QRadar external app, tag filtering for VRA affected hosts, direct help links from inside Threat Command, and an added title attribute for policy emails.

This release provides the migration of the Help to the Rapid7 Docs site, disabling of IntSights SSO for migrated customers, and new VRA sorting and filtering options.

This release provides adding a note to multiple alerts, subdomain discovery improvements, and the disabling of IntSights SSO for migrated customers.

This release provides faster, automatic alerts for breach or ransomware leaks, alerts for lookalike domains, a new ServiceNow SIR app, confidential documents degradation, attributes for policy emails, and FireEye Intelligence/Mandiant TIP source changes.

This release provides aggregation of Asset mention alerts, the addition of the closing reason in the Alerts API, and performance improvements.

This release provides improved analysis accuracy of Asset Mention alerts and a new version of the 'Add New MSSP Customer' API route.