29 March 2021Webinar
Webinar | Accelerating Threat Intelligence Investigations with DomainTools and Maltego
This webinar demonstrates how threat intelligence analysts and cyber investigators alike can leverage DomainTools domain and DNS infrastructure data to understand resource development, initial access, lateral movement, command and control, and exfiltration of threat actors and comprises.
We also deep dive into how investigators can combine DomainTools with Maltego for effective data aggregation, correlation, and validation, all in a visualized and interactive graph.
In this webinar, you will learn:
- An overview of DomainTools’ domain and DNS infrastructure intelligence
- Brief introduction to Maltego’s investigative capabilities
- Mapping the hosting infrastructure and assessing risk scores of known phishing domains run by TA413 threat actor group
- How to pull DomainTools searches into Maltego to automate data collection and aggregation and visualize the phishing infrastructure of TA413
About DomainTools Threat Intelligence
DomainTools Iris is a threat intelligence and investigation platform that combines enterprise-grade domain intelligence and risk scoring with industry-leading passive DNS data.
With DomainTools Transforms in Maltego, investigators can transform a domain name from any source into a comprehensive set of entities, connections, and dynamic properties to reveal actors, surface infrastructure, and highlight risk.
You can access DomainTools data in Maltego by purchasing a DomainTools membership. For more information about accessing DomainTools data in Maltego, please visit our Transform Hub detail page here.