Full Report
Over the years we’ve offered almost all our tools, papers, presentations and other materials for free, albeit with a “registration required” proviso. The registration wall has been in place for some time now, and was used to track unique users as well as permit users to opt into SensePost mailruns. What we found though, is that registration is more of a hindrance than a benefit; it creates an artificial barrier with little reward. The data isn’t that useful to us and the added steps just an extra annoyance for users, and we wanted to streamline things a little.
Analysis Summary
# Main Topic
Change in Access Policy: Removal of Registration Requirement for SensePost Resources
## Key Points
- SensePost has removed the mandatory "registration required" condition for accessing their free tools, papers, presentations, and other materials.
- The registration system was originally implemented to track unique users and allow opt-in for mailruns.
- The decision was driven by the finding that the registration barrier provided little benefit (data was not very useful to SensePost) and acted as an annoyance/hindrance to users.
- Resources are now available for direct download without prior sign-up.
- Existing registration data for users who *did not* opt into mailruns will be purged.
- User data for those who *did* opt into mailruns will be retained only for the purpose of sending those mailruns.
## Threat Actors
- Not Applicable (This item describes an operational change by the content owner, SensePost, not a threat actor or campaign).
## TTPs
- Not Applicable (This is an organizational policy update, not an analysis of adversary techniques).
## Affected Systems
- The system affected is the access mechanism for SensePost's freely distributed research materials (e.g., tools like Wikto, papers, presentations).
## Mitigations
- Not Applicable (This is a user/provider benefit, not a defense against an external threat).
## Conclusion
SensePost has streamlined access to its resources by eliminating the registration gate, aiming to improve user experience. This move impacts how users access materials like Wikto, prioritizing ease of access over detailed user tracking by the content provider.