By DomainTools LLC
Map connected infrastructure, correlations, attribution, domains, and more to surface meaningful insights.
DomainTools Iris Transforms for Maltego
With the world’s largest database of domain and DNS intelligence, DomainTools empowers analysts to develop key insights into the nature and extent of adversary holdings, based on a proven methodology of characterizing and connecting domains through the data points they have in common. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure.
DomainTools collects Open Source Intelligence (OSINT) data from many sources, which it joins with some 20 years’ worth of historical data to expose and characterize the infrastructure adversaries use in various kinds of attack campaigns, including ransomware, business email compromise, espionage, and more.
Together, DomainTools and Maltego have simplified cyber investigations to provide actionable insights and expedite the investigation process. Extending the rich DNS, Whois, and beyond Whois datasets, DomainTools Iris integrates with Maltego to provide seamless workflows from the DomainTools Iris user interface directly to the Maltego graph.
The DomainTools solution for Maltego extends the rich domain name dataset and powerful pivot capabilities of DomainTools to the Maltego graph, enabling investigators and analysts to map connected infrastructure, run correlations, look at attribution, highlight risky domains, and more, to surface meaningful insights.
Typical Users of DomainTools Iris Data
- Threat Hunters and Network Defenders
- SOC Analysts
- Law Enforcement and Anti-Fraud Analysts
- Incident Responders