DomainTools Security Suite Enterprise Packages
無論是您正在調查未知的網絡流量,釣魚電子郵件,網路或電子商務詐騙,DomainTools是您最佳的幫手。我們的安全套件可以幫助您查出該網域名稱是否具有風險,誰在背後操控或是有其他相關連結的網路資訊。
這就是為什麼10多年來,證券分析師和網絡犯罪調查人員使用DomainTools來做為其調查的重要工具。憑藉著雍有超過14年網域名所有權和相關數據者,DomainTools有助於在網域名稱、IP位置和其他線上數據、犯罪組織間做連結,形成一個犯罪活動的組織地圖。是幫助使用者做風險評估的最佳軟體。
威脅情報
使用DomainTools支持您的安全庫
- 提高可視性 - 更好的風險評估
- 將威脅情景映射到防火牆之外
- 獲得態勢感知
取證和事件響應
DomainTools提供其他工具無法提供的見解:
- 映射連接基礎設施
- 了解哪些指標最需要關注
- 加快調查,以減少風險
威脅搜索
DomainTools是您的威脅尋找武器庫中不可或缺的一部分:
- 在攻擊者行動之前識別並阻止他們
- 在不添加人數的情況下啟用威脅搜索
- 將響應時間從幾天縮短到幾分鐘
網絡釣魚檢測
將魚餌從釣魚者手中奪走:
- 從被動變為主動
- 擾亂魚叉魚術
- 屬性網上誘騙活動
品牌保護
利用域名數據打擊欺詐:
- 揭露誰是在線侵權的背後
- 通過互聯網主動監控您的品牌
- 了解欺詐活動的範圍和嚴重程度
在線欺詐調查
使用DomainTools節省數百萬美元並保護寶貴的知識產權:
- 找出欺詐背後的“究竟是誰”
- 跟踪狼,找到包
- 保護您的收入和聲譽
Enterprise Membership Packages
Iris Detect | Iris Enrich | Iris Investigate | Data Feeds |
Bundled by: Monitors Interactive or automated discovery of lookalike domains |
Bundled by: Queries SIEM, SOAR, general automation |
Bundled by: Queries Interactive analysis and investigations |
Bundled by: Access Integration into tools, products, and services |
APIs
Integrate DomainTools data with existing tools or products
Bigger Threats Require More Advanced Solutions
For Security Operations Centers (SOCs), Fraud Analysts and Solution Vendors that need to integrate DomainTools data into their existing workflows, we offer comprehensive and scalable APIs. The DomainTools APIs are used by customers and partners to put DomainTools data adjacent to their network through partner pass-through integrations to enable workflows in TIP, Orchestration and SIEM technologies. Additionally, the DomainTools APIs are REST based and come with pre-written Python wrappers making it easy to incorporate into your own internal tools as you see fit.
Integrate with your Own Solutions
Domain-based threat intelligence is a natural complement to many security products.
Augment Existing Data Sets
Integrate into SIEM and detection tools to provide domain profile information in “one pane of glass.”
Automate and Streamline Investigative Processes
Scale your efforts by leveraging DomainTools data directly into your workflows.
Iris Detect API
Incorporate newly discovered infringing domains into security controls or alerting.
Alert on changes to evolving infrastructure.
Block escalated domains in network or application security tools.
Iris Enrich API
Supports high query volumes of domain name attributes.
Provides actionable insights-at-scale with enterprise-scale ingestion of DomainTools data to support 3rd party or purpose-built platforms.
Creates a seamless view of data to provide an easy transition from SIEM alert to human analysis.
Iris Investigate API
Delivers dozens of domain name attributes on every result including Risk Score, DNS, Whois, SSL, and more.
Enables easy pivoting through different domain name attributes and exposes meaningful insights with connection counts on most data fields.
Designed for human-scale interactions and seamless integration with 3rd party or other purpose-built platforms.
DomainTools Monitors
Proactively alert on new and changed infrastructure
Get Early Awareness of Potential Threats
Thousands of domains are registered or dropped every day, and it can be challenging to stay informed as malicious actors develop infrastructure. DomainTools monitoring products are built on the world’s largest database of domain and DNS profile information, as well as the fastest new-infrastructure discovery capabilities in the market. With them, security teams can configure alerts to warn them when the adversary is still in the preparatory phases of an intrusion or attack, or when a known campaign evolves.
Faster Response Time
Quickly assess new infrastructure.
Better Situational Awareness
Track campaigns as they evolve.
Flexible Implementation
Monitors are available via a GUI or as an API call.