July 14th, 2026 — URL Scanning 2.0, RBAC for Service Accounts, and Invitations Page Improvements

🌐 URL Scanning 2.0: From static verdicts to living investigations

We are delivering major investigative upgrades to automated URL analysis that turn every URL report into a living, historical view. By moving beyond static reports, this update significantly reduces Mean Time to Resolve (MTTR) for phishing and malicious-link investigations by letting analysts see the page, trace execution, and track evolution.

  • Enriched URL Reports (Powered by full browser instances): Powerful metadata is now surfaced right inside the investigation workflow. Users can now view live screenshots (to see the rendered page as the victim does), DOM trees, console messages, page stats (network requests, response sizes, cookies), web technologies, and full session parameters.
  • Automated Brand Identification: By feeding live screenshots and DOM data directly into AI models, the platform visually detects exactly who a site is impersonating, completely defeating advanced text-obfuscation tactics.
  • Historical Analysis Pivoting: Travel back through a URL's timeline with point-in-time snapshots. Report tabs (Summary, Detection, Details, and Content) now dynamically re-render to match that exact historical state—not just the latest scan.
  • Footprint Hunting via Pivotable Technical Identifiers: Turn a single indicator into an infrastructure map. Key technical markers like response headers, JavaScript global variables, contacted external domains, and Identified Brands are now pivotable and searchable attributes, allowing analysts to instantly find other URLs exhibiting the same technical fingerprint.

Learn more: Check out the URL Report Summary documentation.

🔑 Role-Based Access Control (RBAC) and Quota Management for Service Accounts

Service accounts are now managed just like users with full RBAC and Quota Management, strengthening enterprise-grade security and governance on the Google TI platform.

  • Service Accounts RBAC Parity: You can now assign specific roles and enforce quota limits directly on Service Accounts.
  • Module-Specific Role Filtering: Locate and review permissions quickly with new mix-and-match filters down to specific module roles, such as GTI Alerts and Private Scanning.
  • Partial/Substring Search: Substring search is now supported—type any part of a name, description, or email to find what you need instantly.

📋 Invitations Page Improvements

We have rolled out further improvements to the Invitations page to make identity governance even more robust and transparent.

  • Sender & Timestamp Visibility: Administrators can now see exactly who sent an invitation and when it was sent.
  • Extended Invitation Statuses: We’ve expanded invitation tracking beyond just “pending”. You can now see if an invite has been Joined or Revoked in addition to Pending.
  • Status Filtering: A new filter allows you to easily sort and view invitations by their current status (Pending, Joined, Revoked) and the roles set in the invite.