Deeper detection, beyond every surface

Social media, AI-generated risks, and your vendor ecosystem

CybelAngel extends detection beyond the perimeter: across the dark web, AI-generated attack surfaces, social media platforms, and your vendor ecosystem. You know before the damage is done.

[New] Dedicated Social Media Impersonation Module

Access your social media reports in a standalone module. Activate it instantly, no extra setup.

[New] Extended Social Media Monitoring

Monitoring now covers accounts, profiles, and posts across YouTube and other platforms. Detect impersonation, leaked data, and threat actors actively targeting your brand and executives.

[Coming Q3] AI Data Breach Detection

Automatically detect credentials, API keys, and business data exposed by AI-generated applications. Reports are enriched with context and fewer false positives, so your team can act immediately.

AI native detection, AI threat ready

Smarter reports, unified threat intelligence, vendor visibility

AI tools move fast. So do the risks they create. CybelAngel enriches your reports with context and fewer false positives, so your team turns raw signals into clear decisions.

[Beta] Smarter Reports on Exposed APIs

Automated, analyst-validated incident reports on your most sensitive exposed API endpoints. Each report prioritises exposures by severity (1 to 4) and includes the detection date, what the API exposes, technical details, and recommended next steps.

[Coming Q3] Vendor Exposure Monitoring

Continuous monitoring of your supplier ecosystem. Get alerted when a vendor is breached before they tell you. Contact your Customer Success Manager to join the beta.

[Beta] Unified Threat Intelligence View

A searchable directory of threat actors with full context: activity status, attack history, top targeted countries and industries, and preferred attack methods. Plus a live feed of ongoing and claimed attack campaigns. Filter by category, industry, country, or threat actor.

The right plan for your teams

Dashboards, API access, and direct feedback loops

Security teams come in all shapes and sizes. CybelAngel adapts to yours: whether you need role-specific views, scoped integrations, or a direct feedback channel back into detection quality.

[Coming Q3] Custom Dashboard

Tailor your dashboards across your full monitored perimeter, focusing on what matters to your daily work. Build role-specific views for the CISO, the SOC Manager, or your analysts, so each team sees the information most relevant to them.

[Coming Q3] Reinforced API Access

Generate and manage multiple API keys so you can plug CybelAngel intelligence into your stack on your own terms. Scoped by team or use case.

[Coming Q3] Native Report Rating

Rate reports directly in the platform. Your ratings feed straight into detection accuracy, closing the loop between your team and our models.

Use CybelAngel your way

Access controls, audit trails, and usage tracking

Your team, your workflow, your rules. CybelAngel gives you the control to manage access, automate integrations, and track usage, so the platform works the way your organisation does.

[New] Segment Access to Inventory

Identify and control who can view and access your inventory, based on team responsibilities. Give each team or business unit visibility into only the assets relevant to them.

[New] Audit Log Accessibility

Full action traceability across your environment, essential for compliance and team oversight. Access your audit log via the API to review who did what, and when.

[New] Credits Monitoring

See your Professional Services credits: contracted, used, and remaining, directly in the platform. Break down usage by service category and by team member, browse the full catalogue, and top up before you run out.

Start fast, scale at your pace

Self-service entry points and automated reporting

Whether you need a standalone module, a full suite, or a self-service entry point that lets you start immediately and scale on your own terms.

[Beta] Self-Service Plan

Phishing, fraud, and brand abuse reports on Domain Protection are now generated and delivered automatically: fast and continuous, including weekends and non-business days. Your analysts stay at the core of the process for critical incidents, enriched context, and on-demand services. Same detection logic, same SLAs.

[New] CybelAngel at Your Own Pace

Generate an exposure report from a simple keyword to see your external risk for yourself, before committing. A guided way to discover what CybelAngel detects across your perimeter, from day one.

Wider inventory coverage, sharper threats

Enhanced fingerprinting across your perimeter and IoC-driven precision on every domain finding.

  • Extended Assets Inventory [GA]


    Shadow IT, cloud, and third-party assets surfaced via enhanced fingerprinting. Exposed credentials auto-generate investigation reports.

  • Faster Brand Abuse Detection [GA]


    IoC feed cross-referencing at ingestion across Domain Protection. Less manual triage, executive-ready findings.

  • Sharper Threat Landscape Intelligence [GA]


    IoC enrichment extended across all domain and brand threat categories for richer context and less noise.

Automated reporting and AI-aware research

Automated reports, AI infrastructure exploration, and continuous 24/7 coverage.

  • Exposed APIs to Reports Automatically [Beta]


    Sensitive API exposures are now turned into structured, ready-to-use reports without manual triage. Analysts can pick up the report directly and act on it.

  • AI Infrastructure Exposure Detection [Research]


    Early scanning for exposed AI infrastructure such as LLMs and automation tooling. Broader rollout is planned for Q2 2026.

  • Continuous Domain Threat Reporting [Beta]


    Domain findings are now generated continuously, including weekends, with analysts staying central for critical incidents.

Vendor visibility, role-based access, audit traceability

The foundations of the Q2 2026 rollouts.

  • Third-Party Risk Monitoring [Beta]


    The first beta of vendor exposure tracking, alongside the ransomware claimed attacks newsletter. Platform-native vendor monitoring follows in Q2 2026.

  • Role-Based Permissions and Workspaces [GA]


    Admin, Contributor, and Viewer roles with dedicated workspaces for each team, subsidiary, or scope your organisation needs.

  • Audit Log via API [GA]


    Full compliance traceability available programmatically through the new GET /v1/{org_id}/audit-logs endpoint.

Shipped in 2025

Overall we release 11 updates including the TI Dashboard, Claimed Attack API, ADM Threat Status Tracking, Redesigned User Management, and Keyword Optimization.

Frequently Asked Questions

The changelog is updated continuously as features ship. Each quarter we publish a structured recap covering everything that moved to Generally Available, entered Beta, started Research, or is planned for the next quarter.

GA (Generally Available): shipped to all customers as part of your subscription. Beta: available to opt-in customers. Contact your Customer Success Manager to join. Research: early-stage exploration, not yet a committed feature. Coming Q2: confirmed for the current quarter’s roadmap.

Reach out to your Customer Success Manager. They will check eligibility, walk you through what is being tested, and enable the feature on your account. Most betas are available to all subscription tiers.

Use the Contact form, or raise it directly with your Customer Success Manager. Customer-submitted ideas are reviewed during each quarterly roadmap planning cycle, and high-impact ones often ship within the same or the following quarter.

The next-quarter roadmap is committed, but priorities can shift based on emerging threats, customer demand, or technical findings during development. We will always communicate scope changes via the changelog and through your Customer Success Manager.