“DomainTools has been the secret weapon for investigators and security analysts for years now as they rely on our unrivaled datasets to help connect the dots in their investigations." --Tim Chen, CEO, DomainTools
Seattle, WA (PRWEB) September 02, 2014
DomainTools®, the leader in domain-name and DNS research products, today announced it has partnered with industry leaders to provide cybersecurity investigators with turnkey resources for cyber threat intelligence. DomainTools now integrates with solutions from Mandiant, a leader in managed APT protection solutions, Cyber Squared Inc., a leader in threat intelligence services and the company behind ThreatConnect®, and Malformity Labs, a solution provider of Maltego’s investigation visualization software. Through these integrations, investigators who rely on DomainTools’ unparalleled repository of DNS and Whois data, will be able to more effectively reveal the true identity of an attacker, create profiles of an attacker’s online presence, and quickly mitigate threats.
“Accurate, global Whois and DNS data is a proven difference-maker in cyberthreat investigations,” said Timothy Chen, CEO at DomainTools. “DomainTools has been the secret weapon for investigators and security analysts for years now as they rely on our unrivaled datasets to help connect the dots in their investigations. Integrating with industry partner solutions will make it even easier for our customers to investigate new threats and stop in-process attacks on their corporate networks.”
As the focus of network security strategy switches from protecting the perimeter to the real-time mitigation of inevitable attacks, the use of DomainTools data to identify and track attackers has become a critical part of the security solution stack. As the leading provider of domain profile information, DomainTools has long been an essential tool for security threat investigators. DomainTools maintains the world’s most comprehensive and accurate database of current and historical domain Whois records, along with related IP address, name server, mail server, screenshot records and more, providing security analysts with the crucial data they need to determine whether network traffic is associated with malicious sites, assess risk level and build a profile on the perpetrators of an attack.
Mandiant (a FireEye company) is a leader in security incident response managed solutions. Mandiant threat analysts use DomainTools resources daily in investigating targeted threats. Subscribers to Mandiant’s threat intelligence service directly access DomainTools Whois and DNS data to research domains linked to suspicious activity. The combination of Mandiant threat intelligence and DomainTools is a powerful weapon against targeted threats.
Integrating DomainTools data into Cyber Squared’s ThreatConnect platform enables their users to perform Whois and DNS investigations using the Track feature directly within ThreatConnect. DomainTools data powers the innovative Track feature that enables proactive monitoring of malicious domain registrations and maps them to a dynamic threat actor profile. The derived intelligence can then by used as indicators for alerting and blocking in integrated security products, such as a SIEM.
“Security analysts need to have the best investigation and profiling tools at their fingertips in order to stay ahead of attackers,” said Adam Vincent, CEO of Cyber Squared. “By integrating the DomainTools’ database of cyber-based intelligence into our Threat Intelligence Platform, we enable our customers to react faster to the evolving threat landscape. ThreatConnect is made stronger by partnerships with DomainTools and others, and we’re proud to work with them to develop the best resources for cyber threat intelligence.”
DomainTools’ partnership with Malformity Labs provides visual-based exploration of connections within DomainTools’ data and across other datasets leveraging the Maltego visualization engine. The Maltego visualization software enables users to combine data sets, both external and their own, and find meaningful connections such as the association of an unknown domain to a known cyberespionage organization. Malformity Labs has created a turnkey solution for accessing DomainTools data by hosting a cloud-based Maltego transformation server.
“As cybercriminals get smarter, it’s harder to identify who they are and to map their domain and IP launch points,” said Keith Gilbert, founder of Malformity Labs. “Combining the data from DomainTools with the investigation visualization capabilities of Maltego will enable customers to see the whole picture faster, find meaningful connections in the data and consequently respond to threats in a more proactive manner.”
DomainTools offers the most comprehensive searchable database of domain name registration (Whois), IP address and hosting data geared to investigate security attacks, cyber espionage, online fraud and all forms of cybercrime. DomainTools’ web-based application enables users to pivot through 12 years historical records of Whois, hosting, DNS information and screenshots, the industry’s broadest source of domain profiles including all ccTLDs, and IP address, hosting data, mail server records and more in order to find connections from unknown sources to known sources of badness. Customers and industry partners can integrate rich dataset into their IT Security solutions through DomainTools’ APIs, including Parsed Whois API for structured data of current domain registration. DomainTools’ customers include many companies within the Fortune 500, numerous global government agencies with cybercrime investigation units and many vendors in the security and online fraud investigation industries. Visit the website at http://www.domaintools.com.