Tag Archives: DomainTools

TLD Updates: ICANN ccNSO Seeks ccTLD News Speakers, .ZA Registry Up For Tender, DomainTools Debut Domain Discovery Feed, .SCOT Turns 7 and .PL 31, Donuts July Trend Report, Indonesia Seeks To Introduce Local IDNs and CZ.NIC Contributes To Flood Relief

ICANN is seeking speakers for their next (virtual) for their pre-ICANN72 ccTLD News Sessions on 6 and 7 October. ccTLDs with a best practice, project solution or case study to share with the broader community or even a market development, or perhaps legal or operational news that is engaging, relevant and informative to other ccTLDs from across the world are requested to put their hands up and nominate themselves.

Continue reading TLD Updates: ICANN ccNSO Seeks ccTLD News Speakers, .ZA Registry Up For Tender, DomainTools Debut Domain Discovery Feed, .SCOT Turns 7 and .PL 31, Donuts July Trend Report, Indonesia Seeks To Introduce Local IDNs and CZ.NIC Contributes To Flood Relief

.NZ Gets Another Victory In DomainTools Battle Over registrant Privacy Rights

New Zealand’s Domain Name Commission (DNC) had their third victory in three appearances in their ongoing court battle with DomainTools, the latest being in March. DomainTools had appealed three claims, following losing their first appeal, but won only one, while the DNC won the remaining two, with consideration being given by the DNC to appeal the remaining claim. It is a battle over whether a top-level domain registry protect the privacy of their registrants. As Jordan Carter, InternetNZ’s CEO, told the Goldstein Report back in March 2019, “this test case will be significant for protecting the privacy rights of .nz registrants in the .nz domain name space and it is likely to have an impact on other ccTLDs and the wider industry.” It seems that the privacy rights of .nz registrants has been protected.

Continue reading .NZ Gets Another Victory In DomainTools Battle Over registrant Privacy Rights

Upcoming Webinar: DomainTools Iris: Guided Tour of New Features

Adversary infrastructure intelligence is key for incident responders, threat hunters, and other SOC professionals. For years, DomainTools Iris has been a crucial tool for organizations worldwide. For Spring 2019, DomainTools introduces several enhancements to give analysts more context, more efficiency, and more power.

In this webinar, participants will gain information on how to:

  • Quickly gain context on infrastructure through the tagging of domains
  • Identify related malicious infrastructure through subdomain information in SSL certificates
  • View multiple key data points on a domain in a single window through Domain Inspection
  • See the average risk and domain age for any given set of results through the Summary Metrics
  • Easily export pDNS for use in other tools or documents

Join Director of Product Management, Tim Helming, to learn how these features can help you level-up your adversary infrastructure intelligence capabilities.

This DomainTools webinar will be held on 25 June at 09:00 US Pacific Time, 12:00 US Eastern Time. To register, go to: https://www.domaintools.com/resources/webinars/domaintools-iris-guided-tour-of-new-features

Webinar: How DomainTools and Splunk>Phantom Work in Harmony so you can SOAR

Cybersecurity as an industry is seeing an ever-widening skills gap. As roles go unfilled, practitioners find themselves increasingly unable to meet the needs of their organizations in terms of security posture and maturity. Security Orchestration, Automation, and Response has the ability to help organizations with security processes, automation of specific actions, and intelligently inform teams, with the end goal of efficiency.

With the new features that DomainTools has built into Splunk Phantom, organizations are able to leverage this integration for purpose-built work with the Iris Investigate API. The rich Iris dataset is available not only for ad-hoc research on specific incidents in Splunk Phantom, but also for automated actions in Splunk Phantom playbooks.

In this webinar, learn:

  • How organizations are leveraging DomainTools for Splunk Phantom for Incident Response, IoC Hunting, Network Access Control, and Intelligence Sharing
  • How to get the Single Pane of Glass in Splunk Phantom with DomainTools’ Domain and DNS-based adversary intelligence
  • Where to leverage Domain Risk Score to automate workflows

Join Mark Kendrick, Director of Product Integrations at DomainTools, for this 30 minute webinar on 16 May.

To register, go to: domaintools.com/resources/webinars/how-domaintools-and-splunkphantom-work-in-harmony-so-you-can-soar

DomainTools Webinar: DNS Mapping for Better Context on Threats

According to the FBI, U.S. businesses alone suffer from nearly $343k in damages every hour from phishing – and this number has been rising year over year for the last five years. Join Ben April, Chief Technology Officer at Farsight and Corin Imai, Senior Security Advisor at DomainTools for this 30 minute webinar on a real-world DNS forensic investigation. Starting with a single IOC (indicator of compromise), they will step through how to pivot through domain infrastructure to build intelligence of associated malicious activity.

March 26, 2019 at 10 AM PT/1 PM ET

In this webinar, you will learn:

  • How to take an IOC and pivot on supporting threat intelligence
  • Where pDNS can uncover cybercrime forensics data
  • When to leverage DomainTools and Farsight to build an investigation

To register for this free webinar, go to:

Webinar: Enrich Your Investigations With DomainTools Iris for Maltego

Maltego is an open-source intelligence platform leveraged by practitioners for information gathering and data mining, providing a library of transforms for discovery of data from a variety of sources, and a visualization of the information to quickly bubble up relationships between pieces of information. In this webinar, learn how DomainTools and Maltego have simplified and expedited cyber investigations by extending crucial enrichment data (like DNS, Guided Pivots, historical Whois, and SSL certificates) to provide a seamless workflow for both Maltego and DomainTools Iris users.

February 6, 2019 at 10:00 US Pacific Time/13:00 US Eastern Time

Join Senior Sales Engineer, Taylor Wilkes-Pierce, to learn how to:

  • Map connected infrastructure, run correlations, look at attribution, highlight risky domains, etc. to surface meaningful insights
  • Increase the chance of intersection with existing graph data from other sources to open up new investigative pathways
  • Quickly identify which graph node to pivot on by consulting the Guided Pivot count present on nearly every entity these transforms act on
  • Conduct investigations with real world examples leveraging both DomainTools and Maltego

For free registration, go to:

DomainTools Webinar: 2019: No Oscars for the Bad Threat Actors

2018 isn’t over and we have already seen a massive increase in the number and types of cybersecurity threats from ransomware to phishing. So what will 2019 bring and what can be done to prevent the next wave of cyber attacks?

Join subject matter experts from DomainTools in a lively discussion of what’s next for information security. CTO Bruce Roberts, Director of Product Management, Tim Helming, Senior Security Advisor, Corin Imai, and Senior Data Scientist, Sean McNee will conduct a round-table discussion on their information security predictions. Highlights include:

  • Let’s Get Critical (The political process is the new critical infrastructure under attack)
  • Breaches and Woes (Change in public perception of breaches)
  • The Automation Invasion (Automation will continue to create more issues than solutions if organizations)
  • Mind the (Skills) Gap

December 11, 2018 at 10 AM PT/1 PM ET

To register for this free DomainTools webinar, go to:

DomainTools Webinar: The Beginner’s Guide to Mitigating Phishing Attacks

According to the FBI, U.S. businesses alone suffer from nearly $343k in damages every hour from phishing – and this number has been going up year over year for the last five years. Phishing by definition is a fraudulent attempt to gain access to sensitive data and leverage such data for malicious purposes. Most commonly this is done by disguising malicious links to distributed malware.

In this webinar, Corin Imai, Senior Security Advisor at DomainTools will take a look at the steps to executing a phishing attack and the potential ways to help mitigate the risk.

November 14, 2018 at 10 AM PT/1 PM ET

In this webinar, you will learn:

  • Real world examples of attacks leveraging phishing vectors
  • 5 steps of executing a phishing attack – if I can do it, surely anyone can
  • 5 ways to mitigate your risk of a phishing attack

To register for this webinar, click here.

Webinar: DomainTools Guide to Threat Hunting with Splunk and Phantom

According to the SANS 2018 Threat Hunting Survey Results, 75% of IT professionals said their organizations have reduced their attack surface as a result of more aggressive threat-hunting while 59% credited the approach for enhancing incident response speed and accuracy.

DomainTools Iris can help you bring these outcomes to your security practice, especially when you leverage the Iris dataset to enrich your logs in Splunk and execute incident response playbooks in Phantom.

With the enhancements to our Splunk Technology Add-on, we’ve enabled security teams to take indicators from their network, including domains and IPs, and connect them with the comprehensive DomainTools Iris dataset. Those connections inform risk assessments, profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure.

Orchestration and automation are vital to scaling those activities, which is why teams have leveraged DomainTools in Phantom almost since it was launched. Now, we’re extending those capabilities with the Iris Investigate API to enable guided pivots and smarter blocking decisions in your playbooks.

In this webinar, Mark Kendrick, Director of Product Integrations will be showing how our customers leverage the capabilities of the rich Iris data set with these products to provide better visibility and context into their network traffic, gain event enrichment-at-scale, and garner proactive risk scoring with selective targeting.

October 23, 2018 at 10 AM PT/1 PM ET

In this webinar, you will learn:

  • Where you can surface meaningful alerts to identify malicious intent
  • How to immediately access dozens of attributes attached to every domain event in Splunk
  • How batch processing helps scale enrichment to cover massive data sources
  • How to use Risk Score, Proximity and Threat Profile classifiers to manage alert fatigue
  • How to build playbooks in Phantom that replicate the smartest analyst workflows

This DomainTools announcement was sourced from: