SEATTLE, October 6, 2020 – DomainTools, the leader in domain name and DNS-based cyber threat intelligence, today announced the general availability release of the 4.1 version of its app for Splunk, provider of the Data-to-Everything® Platform. With several key feature enhancements, including support for early adopters of Splunk 8.0 (and Python 3), users will see improved capabilities, performance, and user experience.
The DomainTools App for Splunk provides direct access within Splunk to industry-leading threat intelligence data on domain names, the individuals who control them, and the infrastructure that supports them. The app is available for download on Splunkbase.
Customers who deploy the app in Splunk will benefit from:
- Capability to integrate threat investigation and incident response workflows in Splunk
- Mass enrichment of domain observables with DomainTools intelligence
- Proactive monitoring of malicious domains within Splunk
- Discovery of new domain IOCs related to network observables from within Splunk
“With attackers taking advantage of the pandemic and attack surfaces increasing with the shift to remote work, security teams are facing new challenges around putting security events in context to actively defend their organizations. The DomainTools App for Splunk allows customers to enrich and monitor malicious domains at scale without leaving the Splunk interface,” said Jackie Abrams, VP of Product, DomainTools.
The DomainTools App for Splunk is powered by the DomainTools Risk Score, a proprietary scoring algorithm that finds malicious domain names before they can be weaponized. The technology is based on machine learning algorithms applied to DomainTools’ unparalleled coverage of domain name features and infrastructure characteristics.
Download the DomainTools App for Splunk 4.1 now on Splunkbase: https://splunkbase.splunk.com/app/5226
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light, and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries.
DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at https://www.domaintools.com or follow us on Twitter: @domaintools.