Skip to main content
From cyberdefense history to innovation – discover it at Black Hat 2025!
Learn More
Request a Demo

Supercharge Your Workflow: Introducing Polarity’s Document Search and Enhanced API Security!

We’re thrilled to announce the latest release of Polarity Client and Server, packed with powerful new features designed to make your investigations faster, more secure, and more efficient than ever before! This update introduces a game-changing Document Search capability and significant enhancements to our API with new API Tokens, opening up a world of possibilities for automation and integration.

Uncover Insights Instantly with Document Search

Imagine sifting through a lengthy report, hunting for specific indicators. Tedious, right? Not anymore! With our new Document Search mode, you can now simply drag and drop any supported document directly into the Polarity client. We’ll automatically scan it for indicators, displaying the results in a dedicated search window. No more manual searching, no more opening multiple applications—just seamless, instant intelligence at your fingertips.

This powerful new feature supports a wide range of document types, including:

  • .pdf
  • .csv
  • .xlsx
  • .docx
  • .xml
  • .json
  • .png
  • .jpeg
  • .key
  • .pptx
  • .eml
  • .txt

Whether you’re analyzing threat intelligence reports, sifting through incident response logs, or reviewing internal documents, Document Search will dramatically reduce the time it takes to extract critical information.

Enhanced Security and Automation with Polarity API Tokens

For our customers who leverage the power of the Polarity API, this release brings a significant security and usability upgrade: API Tokens.

Previously, authenticating with the Polarity API often involved using a user’s username and password. Now, administrators can easily create dedicated API tokens to authenticate API requests. These tokens function much like a regular user, allowing administrators to grant them specific access to integrations and channels. This means:

  • Improved Security: Eliminate the need to use user credentials in scripts or applications, reducing the risk of exposure.
  • Granular Control: Assign precise permissions to each token, ensuring API access is limited to exactly what’s needed.
  • Simplified Management: Easily revoke or regenerate tokens without impacting user accounts.

What Can You Do with the Polarity API?

The Polarity API unlocks a vast array of automation and integration possibilities, allowing you to seamlessly weave Polarity’s powerful data overlay into your existing workflows. With API tokens, these capabilities are now more secure and manageable than ever.

Here are just a few examples of what you can achieve with the Polarity API:

  • Automate Data Enrichment: Programmatically send indicators to Polarity for enrichment and receive contextual information from all your integrated data sources.
  • Integrate with SIEMs and SOAR Platforms: Pull Polarity’s insights directly into your security information and event management (SIEM) or security orchestration, automation, and response (SOAR) platforms for automated incident triage and response.
  • Build Custom Workflows: Develop bespoke applications and scripts that leverage Polarity’s data to streamline your unique operational processes.
  • Centralize Threat Intelligence: Programmatically add indicators or share information across your teams within Polarity.
  • Automate Reporting: Extract specific insights from Polarity for inclusion in automated reports and dashboards.

This new authentication method makes integrating Polarity into your automated systems even more robust and secure.

Plus, More Enhancements to Boost Your Productivity!

We’ve also included several other valuable updates in this release:

  • French OCR Support: Analysts can now enable French language recognition for our Optical Character Recognition (OCR) modes, allowing for accurate extraction of French-accented characters from images.
  • Flexible macOS Installation: Non-administrative users can now install the macOS desktop application.
  • Updated macOS Focus Mode Shortcut: The default shortcut key for Focus Mode on macOS has been updated to CMD+Shift+U to avoid conflicts with macOS Sequoia.
  • Server Time-to-Live (TTL) for User Sessions: Admins can now set a server-side TTL to force user re-authentication after a period of inactivity, enhancing overall security.
  • ForceAuthn SAML Support: For organizations using SAML, you can now enable ForceAuthn to ensure users re-authenticate through their Identity Provider (IDP), enabling MFA.

This release represents our continued commitment to providing you with the most effective and efficient intelligence overlay platform. We’re confident that Document Search and the enhanced API with tokens will significantly empower your team.

Ready to experience these new capabilities? Update your Polarity Client and Server today!

About the Author

Joe Miller

Joe Miller serves as the Senior Director of Product at ThreatConnect for Polarity and AI Research. As the Product Manager for Polarity since its inception in 2014, Joe brings a wealth of expertise in data science and logistics to the role. Outside of work, he is passionate about axe throwing and enjoys immersing himself in Dungeons & Dragons.