DomainTools

Additional features

Iris Intelligence Platform

An intuitive web interface and API-driven platform for comprehensive threat investigation and infrastructure mapping.

Iris Investigate

Maps connected infrastructure (domains, IPs, name servers, SSL certificates) to uncover relationships, provides 10+ years of historical Whois and passive DNS data, and offers features like screenshot history and domain reporting.

Iris Detect

Rapidly discovers and monitors lookalike domains with unmatched speed and coverage, providing near real-time risk scoring and automated alerts for emerging phishing and fraud campaigns.

Iris Enrich

Offers a robust API (REST-based) to seamlessly integrate DomainTools data (Whois, DNS, SSL certificate, risk scores) into SIEM, SOAR, and other security tools, enriching indicators at scale.

Farsight DNSDB

The world's largest Passive DNS intelligence solution, containing over 100 billion unique DNS observations dating back to 2010.

DNSDB API

Provides programmatic access to this vast historical and real-time passive DNS data.

DNSDB Export

An "on-premise" version of DNSDB for the fastest response times, unlimited query volume, and total query privacy.

DNSDB Flexible Search

Allows regular expression and glob (wildcard) searches across every label of a fully qualified domain name and select RData, enabling highly specific queries.

Threat Intelligence Feeds

Provides high-fidelity, real-time feeds to enable proactive defense.

Predictive Risk Score

Leverages machine learning on decades of data to assign predictive risk scores (overall, malware, phishing, spam) to domains and IP addresses, often predicting maliciousness before weaponization.

Domain Hotlist

A prioritized, daily list of active, high-risk domains based on predictive risk scores and passive DNS activity, suitable for proactive blocking via DNS Response Policy Zones (RPZ).

Newly Observed Domains (NOD)

Identifies domains never before seen by DomainTools' passive DNS network, enabling early blocking of new, high-risk activity.

Newly Active Domains (NAD)

Alerts on domains that have become active after at least 10 days of inactivity, often reused by criminals.

Domain Visibility

Provides a daily risk-scored domain list and targeted feeds for comprehensive insight into new and changing infrastructure.

Configurable Filters & RPZ Delivery

Allows filtering of feeds based on risk scores and domain patterns, and delivers content directly as RPZ for DNS firewalls.

Integrations

Seamlessly integrates with leading security platforms to enhance existing workflows.

SIEM Integration

Enhances threat hunting and domain alerts within platforms like Splunk, IBM QRadar, and Elastic.

SOAR Integration

Enables creation of event playbooks and targeted actions with platforms such as Cortex XSOAR and Splunk SOAR.

Threat Intelligence Platform Integration

Connects with TIPs like Anomali, Maltego, MISP, and TheHive/Cortex to uncover actor infrastructure.

Solutions by Use Case

Tailored offerings for specific cybersecurity needs.

Threat Intelligence

Detects indicators earlier in their lifecycle to disrupt incipient attacks.

Phishing & Fraud Prevention

Identifies and blocks malicious domains and infrastructure spoofing assets.

Threat Hunting

Discovers Indicators of Compromise (IOCs) and malicious infrastructure hidden within networks.

Brand Protection

Monitors lookalike domain names and protects brand reputation.

Forensics & Incident Response

Aids in rapid response, triage, and attribution of cyber incidents.

Application Enrichment

Empowers homegrown or third-party security applications with deep internet intelligence.

Industry-Specific Solutions

Customized intelligence for critical sectors.

Federal Government

Strengthens national cybersecurity resilience with preemptive intelligence.

Financial Services

Proactively uncovers fraud and reinforces infrastructure defenses.

Healthcare

Protects sensitive PII/PHI and ensures regulatory compliance.

Technology

Bolsters defenses against evolving cyber threats in the high-tech attack surface.

Retail

Safeguards against data breaches, consumer attacks, phishing, and BEC.

Global Authority & Trust

Trusted by over 700 enterprise customers, 45 of the Fortune 100, 8 out of the top 10 US banks, and all branches of the US military, with a strong reputation for data quality and accuracy based on 23+ years of experience.

Demonstrated ROI

ESG report indicates a 79% reduction in time and cost for domain-related intelligence tasks and an impressive 1,256% ROI for OEM partners.