DomainTools Threat Intelligence

DomainTools

DomainTools offers advanced domain intelligence for cybersecurity.

Overview

DomainTools is the global leader for Internet intelligence that enables security practitioners to stop threats before they happen, using best-in-class internet intelligence data, detection and monitoring tools, and predictive risk scoring.

DomainTools enterprise protection solutions are powered by the freshest, most complete domain and DNS infrastructure data, captured in real time.

DomainTools offers three Logic Apps for Microsoft Sentinel that are designed to work independently or together:

DNSDB API: Historical passive DNS data, updated in real time
  • Discover and analyze emerging campaigns with the ability to connect seemingly unrelated adversary-controlled assets by pivoting through domains, IP addresses, name servers, and other clues stored in DNS Resource Records.

Iris Investigate: Accelerated analysis of malicious online infrastructure
  • Enables easy pivoting through different domain name attributes (Risk Score, DNS, Whois, SSL, and more) and exposes meaningful insights with connection counts on most data fields.

Iris Enrich: Automated enrichment of domain and IP indicators
  • Supports high query volumes of domain name attributes, actionable insights at scale with enterprise-class ingestion, and a seamless view of data to provide an easy transition from SIEM alert to human analysis.

Plans


DNSDB - Enrich and contextualize investigations with DNS activity and domain-IP mapping based on DNS traffic observed by the largest Passive DNS sensor network.
Iris Investigate - Add detailed information about a domain threat indicator, pivot on IP, email or SSL indicators, and adjust incidents with risk scoring.
Iris Enrich - Enrich up to 6,000 domains/minute with DomainTools intelligence using bulk lookups against the Iris Enrich interface.
