Zanshin Release Notes

Here at Tenchi Security, we’ve been working hard to make Zanshin more powerful, accurate, and aligned with your needs. Here’s a look at the latest features we’ve added over the past months to help you reduce risk, stay compliant, and work more efficiently.
‍

🔎 Summary of Updates

Security Score Enhancements:

Historical score performance: now you can analyze historical score records up to 12 months.

New score based exclusively on public scan target information, so that 3rd parties security diligence on the specific topic of public attack surface security can be examined

Expanded Coverage: New scan target types - Digital Ocean and Trend Micro Vision One.

Compliance Reporting Upgrade: Support for CIS Controls 8.1, NIST CSF v2.0, and ISO 27001:2022.

Improved Scan Accuracy: Better severity ratings and precision for domain scans.

Faster Workflows: Bulk tagging for scan targets and unlimited bulk execution of alert tasks.

⚠️ Deprecation Notice: Some API endpoints are already deprecated and will be removed on September 22, 2025

‍

💡 Why it matters

These updates bring:

More visibility into the security posture over time.

Broader risk coverage with additional platforms supported.

Stronger compliance alignment to meet evolving regulatory demands.

Sharper insights with more accurate scan results.

Greater efficiency to save time managing alerts and scan targets at scale.

Clear transition time to move away from deprecated API endpoints before removal.
‍

Zanshin evolves alongside you - giving you the clarity to spend less energy chasing risks and more time managing them with confidence.
‍

👉 Watch the video below to see Zanshin’s updates in action - or click through to our website for all the details.

‍

I am thrilled to announce some exciting new features that will significantly enhance our product's capabilities:

• Scan Targets sharing settings
  Domain Scan Targets visibility

Crowdstrike Falcon and Microsoft Defender for Endpoint scanning support

New filters in Dashboards and Alerts Lists

Zanshin rule detection improvements

Navigation to Alerts is now restored

Scan Targets sharing settings

Now, each third-party organization (Following Organization) will be able to define which Scan Targets they share with which first-party organization (Follower Organization). This applies in several places in Zanshin:

• During the creation of a new Scan Target, a sharing configuration allows to select the appropriate sharing type:
  All Followers: The Scan Target being created will be visible to all Follower Organizations.Selected followers: Only some of the Follower Organizations will have visibility on the Scan Target being created.Private: There is no Follower Organization with visibility on the Scan Target being created.

On the Scan Target details page, the Following Organization will be able to see the Tab “Tags and Sharing”, in order to view or edit the sharing type and the list of Follower Organizations that will have visibility on the corresponding Scan Target.

In the Follower Details page, the Following Organization is now able to select (by Scan Target Tag and Scan Target Name) the Scan Targets needed to be shared with the corresponding Follower Organization.

Domain Scan Targets visibility

Since the findings related to Domain Scan Targets are based on public data, they will now be visible to all licensed Organizations in Zanshin. This will provide a more streamlined way to showcase your domain’s security performance and compliance, and bring Zanshin in line with widespread industry practice. This allows your Organization to build trust and demonstrate security best practices to your customers and partners.

Crowdstrike Falcon and Microsoft Defender for Endpoint scanning support

Zanshin now supports scanning two additional platform types:

Crowdstrike Falcon: A cybersecurity platform that provides cloud-native endpoint protection, threat intelligence, and incident response services. You can find this Scan Target Type under the new section Security Tools in the Scan Targets Dashboard.

Microsoft Defender for Endpoint: An enterprise-grade endpoint security solution and a key component of the Microsoft Security suite. In Zanshin, the predefined security checks for Microsoft Defender are seamlessly executed as part of Microsoft 365 scans. This integration operates transparently, requiring no additional action from the user.

As usual, Zanshin will scan these platforms without ever having access to your sensitive data. We simply ask for the minimal set of permissions to review security-relevant settings to ensure you stay as safe as possible.

New filters available in Dashboard and Alerts lists

New filtering options were introduced in Zanshin to help you quickly find the most relevant information in your dashboards and alerts lists. These enhancements will provide greater control and efficiency when reviewing security data.

• You can filter information by Scan Target Tags or Scan Target names (up to 10 items), in:
  My Organization Dashboard

My Organization Alerts

• Similarly, if you are monitoring your Following Organizations, you can now filter this dashboard by Following Organization Tags or Following Organization Names (up to 10 items).
  Following Alerts Dashboard

Following Organization Alerts

Zanshin Rule detection improvements

We have introduced an enhancement in the "IP Address with bad reputation detected" Rule, in order to help identify potential threats and take proactive measures to protect the network and systems from malicious activities. As a result, new alerts may be triggered based on this enhanced detection capability.

Navigation to Alerts is now restored

We want to inform you that the Navigation to Alerts, which was previously impacted by an issue reported in January, has now been fully restored. You can once again drill-down seamlessly to the ‘Alerts List’ from Compliance KPIs and Dashboards, with preset filters applied for a more efficient experience.

‍

I am thrilled to announce some exciting new features that will significantly enhance our product's capabilities:

Organization Score

IBM Cloud and Bitdefender scanning support

Please reach out to the Customer Success team to enable these new features for your organization immediately. In the next few days, you will be able to view your organization's score. However, to enable viewing the score of your third parties (Following Organizations), please contact the Customer Success team.

Organization Score

The Score is a comprehensive metric designed to provide an easy-to-understand assessment of an organization’s security posture. It is calculated by weighing a variety of factors based on the automated tests performed by Zanshin on your Scan Targets.

The design of the Score was a joint project between Tenchi Security's  own engineering and data science teams supported by the deep expertise of the Cyentia Institute, one of the leading organizations globally in the application of data science to information security.

Our Score combines a variety of factors that take into account the number of active Alerts and their relative Severities; the age of the active Alerts and the timeliness with which the Organization has fixed Alerts historically; the number of Alerts that have been reopened; the relative density of Alerts based on the number of assets Zanshin sees during its scans.

The scoring system uses both a numerical and a letter scale. The numerical scale ranges from 1.0 to 10.0, where 1.0 is the lowest and 10.0 is the highest score. The letter scale consists of A, B, C, D, and F, where A is the highest and F is the lowest Score.

The Score that first-parties (Follower Organizations) see for their third-parties (Following Organizations) is determined by the specific Scan Target visibility of that relationship. If an Organization has ten Scan Targets but only shares three of them with a Follower, the Score that Follower sees is representative only of those three Scan Targets.

The Scores of third-parties are visible to first-party users across multiple pages within Zanshin, including the Following Dashboard, Organizations List and Organization Details pages:

The Following Dashboard below displays the score distribution of third-party organizations. It also identifies the five organizations with the highest and lowest Scores.

The list of Following Organizations below is displayed with their scores. The "Score" column can be sorted in ascending or descending order.

The Following Organization Details page also displays the Score, which is based on the Scan Targets that this Following organization shares with its Follower.

On the My Organization Dashboard, Zanshin organizations can now view their own Score, based on all their Scan Targets, and the Score distribution as seen by their Follower Organizations. Remember that the score may vary for Follower Organizations depending on which Scan Targets are shared with them:

The Followers page and Follower Organization Details page will display my Score as viewed by my Follower Organizations.

Domain Scan Targets creation

Tenchi will ensure that every organization has a Score by creating one or more Domain Scan Targets for any organization currently lacking one. Findings related to Domain Scan Targets are now visible to all licensed Zanshin Organizations, as they are based on public data, and they will also be used in the Score calculation.

IBM Cloud and Bitdefender scanning support

We’re excited to share that Zanshin now supports two new Scan Target types: IBM Cloud and Bitdefender! This update expands our platform’s capabilities, giving you even greater visibility into your third-party ecosystem and enabling more comprehensive risk assessments.

What’s New?

IBM Cloud: it is a leading enterprise cloud platform offering IaaS and PaaS solutions for building, running, and managing applications and services. With our new scanning support, Zanshin can now assess security configurations, helping you reduce risk across a broader range of infrastructure.

Bitdefender: it provides industry-leading cybersecurity solutions, including endpoint protection, detection and response, and threat prevention. By supporting Bitdefender as a scan target, Zanshin enables visibility into the security posture and alert status of third parties using this platform, enhancing your ability to monitor defenses against malware and advanced threats.

As usual, Zanshin will scan these platforms without ever having access to your sensitive data,  simply asking for the minimal set of permissions to review security-relevant settings to ensure you stay as safe as possible.

‍

We are reaching out to share exciting updates related to Domain Scan Targets in Zanshin, designed to enhance transparency, control, and overall user experience.

Why is this changing?

We are continuously working to improve your experience in Zanshin. These updates are designed to enhance visibility, accuracy, and user control over Domain Scan Targets, aligning our platform with industry best practices.

What is changing?

New modes for Domain Scan Targets

Changes to remove a Domain Scan Target

New modes for Domain Scan Targets

We have introduced two different modes for Domain Scan Targets. This information is shown on the Domain Scan Targets Details Page, under the Settings tab:

• Managed Mode (Recommended)
  Provides deeper insights and uncovers more complex issues.Offers higher accuracy in Scan Target results.Allows control over scan frequency.Ability to initiate scans at any time.

• Background Mode
  Provides a broad overview focusing on less resource-intensive checks.Scan Frequency options are disabled in this mode.

Currently, all existing Domain Scan Targets are set to Managed mode. While you can switch from Managed mode to Background mode at any time, we strongly recommend keeping them in Managed mode for the most comprehensive and accurate monitoring.

Newly created Domain Scan Targets are initially set to Background mode. To enable Managed mode, we must validate the domain to confirm that your organization has control over it. This validation process is essential to verify domain ownership and ensure accurate monitoring.

Changes to remove Domain Scan Targets

As previously communicated, visibility for Domain Scan Targets has changed.

Since the findings related to Domain Scan Targets are based on public data, they will now be visible to all licensed Organizations in Zanshin. This will provide a more streamlined way to showcase your domain’s security performance and compliance, and bring Zanshin in line with widespread industry practice. This allows your Organization to build trust and demonstrate security best practices to your customers and partners.

In alignment with the visibility of Domain Scan Targets, now users can no longer directly remove them. Instead, users can request to remove them. This request will be handled by our Customer Success Team, who will evaluate the case and communicate the outcome.

To facilitate this process, a new option “Why is this here?” is now available in the Scan Target list, for Domain Scan Targets.

Selecting this option will provide an explanation about why the Domain Scan Target is listed and offer a way to contact our Customer Success Team if you wish to proceed with a removal request:

Users can then proceed to submit a request to remove the Domain Scan Target:

This option is also available on the Domain Scan Targets Details Page, under the Settings tab:

‍