Hack Days has become a quarterly tradition here at DomainTools, and although the ?hack days? concept is now considered as cliche as owning a ping pong table and kegerator in the tech industry (check and check), there are a few things that make our own take unique. For example, rather than solely empowering our technical […]

Articles from October 12-18? Curious what happened this past week in the Cyber Security industry? Every week our team pools relevant news articles to ensure you stay on top of the ever-changing security landscape: If Threat Intelligence Isn?t the Answer, You?ve Asked the Wrong Question Info-Security Magazine | Noam Green | October 15, 201...

As many of you know, threat intelligence has become a buzzword in the cyber security industry. The question is: how do security teams transcend the ?big-data? hype and turn a large volume of information into actionable and valuable information? In an effort to answer this question, DomainTools teamed up with Recorded Future and Farsight Security [&...

In honor of cyber awareness month, the DomainTools team felt it important to share an effective approach when it comes to sustaining and maintaining a healthy security posture. As Lex Luthor once said, ?the man of tomorrow is forged by his battles today.? This mentality is easily likened to a robust approach to continuous security, […]

It's been an exciting week here at DomainTools. Not only did we launch our new threat intelligence platform Iris, but we joined forces with industry analyst Michael Osterman and Dark Reading to discuss Using Threat Intelligence to Improve Enterprise Cyber Defense. Tim Helming and Michael Osterman offered their thoughts on?how domain and DNS-based t...

There?s a lot of hype surrounding the topic of ?threat intelligence.??We?d like to?give you the?opportunity to transcend the noise?and learn about real-world applications of threat intel for incident response and situational awareness. It?s less intimidating than you might think to start incorporating Open Source Intelligence (OSINT) and enrichment...

Today I?m very proud to announce the launch of DomainTools Iris, our new flagship platform for cybersecurity threat investigations. Iris combines our industry-leading domain and IP ownership data, domain profile data, DNS data, and 15 years of historical Whois and hosting infrastructure data into an intuitive web interface designed around DNS inves...

This past Thursday, DomainTools presented a webinar with SANS analyst Dave Shackleford regarding tactics and strategies for tapping into the goldmine that is Open Source Intelligence (OSINT) and DNS information?for understanding cyber attacks and threat actors. Our very own Tim Helming (Director of Product Management) teamed up with Shackleford for...

With a week or so to catch my breath, I?m now happy to share some observations from the high-energy activities we recently pursued in Vegas. Also, a bit on the security shows you may have heard about that took place there. This was DomainTools? first appearance at a BSides event, and the first time for […]

A few days ago, Brian Krebs blogged about a report, published by RSA Research, that uncovered a network of compromised Windows machines being used as VPN exit nodes. The idea was to sell VPN access at premium points across the world to customers within China who needed to bypass the Great Firewall. Compromised machines included […]

As we reflect on our latest event ? SANSFIRE 2015 in Baltimore ? we can tell summer is here, no doubt about it. While in Baltimore, when our weather apps said ?Currently 100?F, Feels like 135?F? we knew something wasn?t right for our team that flew in from Seattle. But it so aptly matched the […]

As DomainTools has come into its own as a player in the cybersecurity realm, we have added a lot of security-themed events to our annual calendar. A recent example was the 2015 Security and Risk Management Summit put on by Gartner, in Washington, DC. While this show has run for a number of years now, […]

As we return from FS-ISAC in Miami?s South Beach?where LeBron James hasn?t been spotted lately?we?d like to reflect on some of the conversations we had. DomainTools took this as an opportunity to listen to financial services institutions and learn more about the industry and trends. As FS-ISAC stands for Financial Services Information Sharing Analy...

At the 2015 RSA Conference in San Francisco, we released the first edition of The DomainTools Report: A Profile of Malicious Domains. In this report, we investigate the attributes of malicious domains connected to malware, spam, phishing, and botnets. Using an aggregation of blacklists and DomainTools? data, we compared the bad actors? preferences ...

We?ve been quite busy over the past quarter getting ready for the RSA Conference in San Francisco. ?In addition to preparing our booth for the exhibition and making other fun plans around the event, we?ve been hard at work on The DomainTools Report (more info below). ?We?re looking forward to seeing you at in San […]

Part 2 of 2 In Part 1 of this discussion of threat actor analysis, we got some insights into why threat actor analysis has a major role to play in every phase of cybersecurity, from prevention to mitigation to response to monitoring. Today, we'll take a look at how a key DomainTools partner, ThreatConnect, used […]

Nearly 18 months ago, we started to more directly focus on the threat intelligence arena with our leading domain name and DNS data. Cybersecurity breaches have become a major focus of organizations worldwide in recent years, and our clients have proven the value of our data in investigating attacks and securing their networks and systems. […]

Part 1 of 2 Lest we see only doom and gloom in the cascade of data breach disclosures, it?s worth acknowledging some of the outstanding work being done on the good guys? side in the cyber wars. We?re going to take a two-part look at this, starting with some discussion of attack attribution and adversary […]

As you already know, DomainTools has worked tirelessly to build the world?s best database of Whois records, with coverage spanning all of the ccTLDs and each new gTLD as it comes online?not to mention the ?big six? TLDs: com, net, org, biz, info, and us. We believe we have reason–because our customers tell us so–to […]

The early reviews of Blackhat are in, and it doesn?t look favorable. Maybe Hollywood will have better luck depicting cybercrime on television with shows like Scorpion and the upcoming CSI: Cyber. But in any case, we?ll tread on with our 3 part series of movie reviews. In our previous post about Tron and WarGames, we […]

The year of 2014 may have seen the recovery from the Great Recession picking up pace, but from a cybersecurity perspective, it was a rough year to be a retailer. With that in mind, your correspondent attended The Big Show, the annual trade show of the National Retail Federation, to check out the zeitgeist in retail-world. Held at the Javits Center ...

When we use the words ?hacking? and ?movies? in the same sentence, we?re not talking about the Sony incident last year. ?We?re talking about hacker movies like the upcoming Universal Pictures, Michael Mann production of Blackhat, starring Thor himself. The movie comes out this Friday, and the previews look interesting enough?and hopefully the premi...

If you?re a regular reader of our blog, you know that we often take a bit of a lighthearted look at the ways that domain data aids various kinds of investigations. However, there?s really nothing funny about hacking, cyber espionage, or all-out cyber warfare. The outstanding investigative team at FireEye has recently published reports on […]

If you?ve spent much time looking at domain records to hunt down or characterize cybercriminals, you have almost certainly encountered some clearly falsified domain registrations. We decided to have a little fun by digging into some (ahem) unlikely domain registrants showcased below, with some more serious points about domain registration and cyber...

SecureWorld puts on several shows throughout the year, but everyone says the Seattle show is ?the one to be at.? And after attending our second straight SecureWorld Seattle conference, we thought we?d share with you a few notes?on the event.?DomainTools was well-represented with a new booth and an energetic delegation.?There was no way you could [&...

If you've visited DomainTools today, you might have noticed a few not-so-minor changes. We've spent some time recently improving the usability and ease in navigating our site. We focused on getting you to the tools and data you use with fewer clicks and less scrolling. Our most noticeable changes are the header and footer across […]...

If you're in the Seattle area, and you're attending SecureWorld in Bellevue, let us know! We're excited to be participating in this event for a second year. The topics are spot on, the agenda and speakers look interesting, and it's in our backyard…all great reasons for sending a big entourage to the event. Come by […]...

We are freshly back from MIRcon 2014, the annual security show put on by Mandiant. MIRcon has become a significant cybersecurity trade event, with hundreds of participants from the private sector as well as government/military. Different tracks of presentations cover security R&D, management/policy, and incident response. Keynotes were given by...

The Institute of Electrical and Electronics Engineers, better known as IEEE, has developed a new series of shows with the theme of ?Rock Stars.? These shows gather experts in the show?s topical area (Big Data, Mobile Cloud, Cybersecurity) for informational seminars and panel discussions, along with informal networking opportunities. And lest you fi...

Yesterday, a new vulnerability, now named Shellshock, was exposed in a program named bash. This program is present on most Unix/Linux systems including OS X. You can learn more about this vulnerability in?Everything you need to know about the Shellshock Bash bug and?Peter Whittaker's helpful management briefing. Our systems administrators are?takin...

There has always been a lively–and very relevant–debate in security circles about where and how to expend resources, be they cash, personnel or attention. Budgets are tight and we have not yet found a holistic and bullet-proof solution to stopping hackers and malware from getting into our systems. (Nor will we as long as the […]

Spammers are wily, but guess what? So are the good folks fighting this digital scourge. In a recent blog post, the Talos team from Sourcefire (now part of Cisco)?documents a recent successful investigation of a spammer. The article focuses on the rather arcane crime of IP hijacking, but the hijacking in this case is really […]

At DomainTools, customer success through system availability and product performance is a top priority. Over the last 18 months, we have been upgrading our code, systems and infrastructure to ensure reliability and high performance with an ever increasing user base and data set. Sometimes this requires us to do things that impacts product performan...

In the first two installments of this series (Beyond Whois: The Domain Profile and Beyond Whois: IP Addresses Tell Many Tales), we looked at how there are a lot of datapoints in the DomainTools database that go beyond Whois and DNS records to help you find elusive answers to domain ownership and the connections among […]

In a press release today, we made an announcement about our partnerships with Mandiant, Cyber Squared Inc. and Malformity Labs to help provide security analysts with more powerful threat intelligence and cybercrime investigation solutions. Through these integrations, investigators who rely on our unparalleled repository of DNS and Whois data, will ...

DomainTools has worked tirelessly to build the world?s best database of Whois records, with coverage spanning all of the ccTLDs and each new gTLD as it comes online?not to mention the ?big six? TLDs: com, net, org, biz, info, and us. We believe we have reason to claim that our coverage is unparalleled. But now […]

In Part 1 of our Beyond Whois blog, we introduced the concept of the Domain Profile, the set of datapoints that DomainTools returns in a Whois lookup. The Domain Profile gives a wealth of information that is not contained in the actual Whois record for a domain, so using DomainTools gives you an investigative starting […]

There?s been a lot of speculation about how domain registrations will take off (or not) in the new gTLDs that are rapidly coming online. Last year we covered the growth of .PW roughly one month after launch; this commercial re-launch of the ccTLD for Palau was watched closely because many felt it might predict customer […]

Official ownership records are valuable and can often tell interesting tales about the goods–physical or digital–that they cover. However, ownership records only go so far, as anyone who has used a commercial vehicle history report knows!?Getting beyond the basics of registration data can make a world of difference for prospective buyer...

Today, we?re announcing the availability of a Maltego transform server that makes it incredibly easy to visualize the relationships among domains, registrants, IP addresses and all DomainTools data. This service, provided by a partnership with Malformity, already incorporates DomainTools? extensive database into the Maltego transform server, and ca...

Our friends at domaingang.com have a wry finger on the pulse of the domain industry. In celebration of the birthday of DomainTools board member Ammar Kubba, we didn't put Ammar's handsome mug in the place of our "gear" logo as they portray. But it's got us thinking about it… Happy birthday, Ammar! The DomainTools Team […]...

At DomainTools, customer success through system availability and product performance is a top priority. We are constantly improving our code, systems and infrastructure to ensure reliability and high performance with an ever increasing user base and data set. Sometimes this requires us to do things that may impact product performance for a short pe...

If you?ve spent any time on our site, you already know that ?Whois? with DomainTools is much more than just a static Whois entry for a domain. Our Whois results page provides a detailed profile of the domain, including summary information on related IP addresses, name servers, IP geolocation, and web server stats and historical […]

At DomainTools, customer success through system availability and product performance is a top priority. We are constantly improving our code, systems and infrastructure to ensure reliability and high performance with an ever increasing user base and data set. Sometimes this requires us to do things that may impact product performance for a short pe...

When we launched our new?homepage?last year, a lot of people asked me "What does Whois data have to do with cybersecurity?". ?A lot, as it turns out. ?My answer then is the same as it is now: ?Whois data helps you understand who is behind nefarious domains and IPs, and helps you connect domains and […]

One of the most satisfying things for us at DomainTools is to see our tools and data enable novel solutions that make a real difference for customers. Maccabim, a longtime DomainTools customer, has just released its?Serial Cybersquatter Detector?combining their know-how in the brand protection world with our market-leading database of domain and DN...

Based on our recent survey work, nearly 30% of our users use DomainTools for online Brand Protection or investigating online brand fraud. While the onslaught of new TLDs (Top-Level Domains) is creating a new frontier for the internet, with new business opportunities, new marketing opportunities, a much needed expansion of domain names via infinite ...

Here at DomainTools, we take pride in developing tools that help our users in a variety of different endeavors, from investigating cybercrime or brand fraud, to competitive research, to domain management and acquisition. Datapoints that add insight to individual domains and connections between them are especially helpful, and it turns out that MX r...