Partner Data Sheet: DomainTools

Identify, Prioritize, and Respond to Threats
Context-based enrichment for domain names, IP addresses, hostnames, and SSL certificate hashes

DomainTools and Anomali Solution Features

• The DomainTools Iris APP for the Anomali Threat Platform delivers the ability to contextualize, prioritize and mitigate threats.
• Conversion of threat data into actionable cyber threat intelligence that can be used for threat hunting, forensics, incident response, phishing detection, and brand and fraud protection.
• Ability to proactively identify and understand threats, prioritize them, and determine effective countermeasures.
• Automated threat identification, correlation and response.

Immediate Time-to-Value

• Ability to instantly access DomainTools’ comprehensive data on domain name, DNS and related data.
• Further automation of proactive cyber threat operations.
• Inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure.

Turn Data Into
Intelligence That Stops Threats

There is no way to avoid coming into contact with the various types of threats operating in the wild but there are ways to identify and block them before they have a chance to infiltrate your networks. DomainTools Cyber Threat Intelligence solutions enable organizations to assess the threat risk of domains and IP addresses, investigate the organization behind a domain, and map the online networks of criminal organizations in order to stop future attacks. Anomali delivers the most advanced and comprehensive platform for threat detection, investigation and response. Joint customers are able to increase their visibility over malicious actors while further speeding and simplifying their ability to mitigate the most serious threats.

Reducing MTTR

	Challenge: With countless threat indicators available through hundreds of different sources and feeds, identifying which are the most severe and prioritizing remediation is a challenging task.
	Solution: By integrating DomainTools threat data into the Anomali Platform, joint customers can correlate the information with additional data sets and then automatically export it into existing security and ticketing systems.
	Customer Benefit: Automation capabilities allow security teams to decrease the amount of time needed to remediate the most serious threats.

Contextual Alerting

	Challenge: Determining the severity and validity of alerts within the SOC and CSIRT can be a cumbersome task that can evolve into an inefficient use of talented resources.
	Solution: By integrating DomainTools threat data into the Anomali Threat Platform, joint customers can map connected infrastructure and proactively assess malicious infrastructure to give organizations the confidence in determining severity and validity of alerts.
	Customer Benefit: Providing the proper alert context allows the SOC and CSIRT to provide confidence, priority, and next steps based on adversarial TTPs.

APP Store Preferred Partner Complimentary Offering

The DomainTools Iris APP delivers industry-leading domain and DNS-based threat intelligence, together with pivot capability and domain risk score, directly to analysts via the Anomali ThreatStream platform. This integration enables rapid assessments of domain name observables and discovery of domains with shared hosting infrastructure.