Press Releases

DomainTools Broadens Accessibility of Enterprise-Grade Cyber Threat Intelligence with Launch of Iris

SEATTLE, Sept. 15, 2015 /PRNewswire/ – DomainTools®, the leader in domain name and DNS research, today announced the launch of Iris, its new flagship product for cybercrime and cyberespionage investigation. DomainTools Iris is a proprietary threat intelligence and investigation platform that combines enterprise-grade domain and DNS-based intelligence with an intuitive web interface, helping security teams quickly and efficiently investigate potential cybercrime and cyberespionage.

Powered by DomainTools’ market-leading global database of domain and IP address profile information, Iris enables security and IT teams to profile threats and indicators of compromise, to identify other domains, hosting infrastructure and identities used by the attackers, and to get ahead of future attacks by monitoring and blocking future holdings of threat actors.

The need is acute. Within the past year, cyber attackers have become increasingly sophisticated and often target mid-size enterprises, in addition to the large firms involved in headline-making breaches. According to a recent report from PwC, cybersecurity incidents have increased by 66 percent year-over-year since 2009 and that number continues to climb.

“Network security, threat intelligence and incident response professionals have too many IOCs (Indicators of Compromise) and too few resources, so we have created a product purpose-built for their workflows,” said Tim Chen, CEO of DomainTools. “DomainTools has long been known as the go-to resource for domain profile and Whois data, but our more sophisticated security customers have for years utilized the adjacent DNS data sets we also provision. Today, we are launching a revolutionary new product that exposes and integrates a number of these other DNS-based data sets in a way that will make the daily cyberthreat investigations by security and IT professionals faster, more insightful and easier to administer.”

DomainTools Iris helps analysts answer two key questions at the outset of every security investigation: who is behind the attack, and what other Internet resources do they own or control? Attribution and profiling are critical to response prioritization and resource allocation, and ultimately to takedown and prosecution. Starting with a single data point, an analyst can often illuminate an extended network of connected infrastructure; instead of painstakingly piecing together disparate tools and data, researchers can now rapidly and cost-effectively map and store investigations within Iris. Armed with this information, analysts can lock down against current threats, research previous incursions, and predict and prevent future attacks from the same actors. DomainTools Iris can be a difference-maker for SOCs (Security Operations Centers) of all sizes and maturity levels.

For more information on DomainTools Iris or to request a demo, please visit