Skip to main content
DomainTools Announces Predictive Threat Feeds - Powering Preemptive Exposure Management

DomainTools feeds reach over 97% of the Internet to surface young, risky domains and hostnames in real-time.

Get instant visibility into potential threats as they’re created, enabling your team to eliminate threats before they’re weaponized.

Get a Demo

Risk Feeds

Predictive feeds that deliver a risk-based view of newly registered or updated domains and infrastructure

Instantly identify and act on dangerous domains

Drastically reduce detection and incident response times

Embed accurate, predictive domain risk scoring into your workflows and act on dangerous domains

Learn More

Discovery Feeds

Comprehensive feeds that surface newly registered, active, and observed domains and hostnames, providing the foundational visibility to combat emerging threats

Gain real-time visibility into young domains or hostnames

Build defenses against threats like phishing, ransomware, brand infringement, and more

Feed young, suspicious infrastructure directly into security tools for analysis and early warning

Learn More
WHAT'S INCLUDED

Risk Feeds

Domain Risk - All high-risk domains with scores for phishing, malware, spam, and proximity

Domain Hotlist - Highest-risk domains that have become active in passive DNS within the previous 24 hours

Discovery Feeds

Newly Observed Domains - Domains never before observed in passive DNS

Newly Active Domains - Domains not observed in passive DNS in the previous 10 days

Domain Discovery - Newly discovered domains, including those not yet active in passive DNS

Newly Observed Hostnames - Fully qualified domain names (FQDNs) never before observed in passive DNS

Do more with more.

Do it with DomainTools.

How Feeds work:

STEP 1

Feeds are delivered via API or RPZ

STEP 2

High-priority domains are surfaced

STEP 3

Triaging occurs via automated processes and playbooks

STEP 4

Risky domain is mitigated

Request a Demo
INTEGRATIONS

Get more from what you have with DomainTools.

Through seamless integrations across leading SIEM, SOAR, TIP, and other security platforms, DomainTools places rich DNS feed data directly within the tools analysts already use. These integrations can be incorporated into your environment in as quickly as one day, enabling security teams to unlock immediate value.

Icon of a face mask with three horizontal pleats.
White abstract circular design with concentric arcs and a small central circle on black background.
Abstract colorful shapes resembling a cluster of overlapping rounded elements in pink, yellow, blue, turquoise, and green.
Two overlapping speech bubbles with three dots inside the front bubble, representing a chat or conversation.
Microsoft Copilot logo with a gradient design in blue, green, yellow, purple, and orange colors.
Green circular logo with a vertical split showing one half solid and the other half hollow.

“Through close collaboration this year, we were among the first to adopt DomainTools’ Real Time Feeds and API, reducing the time from threat discovery to active prevention to under one minute. This level of speed and accuracy effectively closes the window for domain-based attacks. DomainTools has set a new standard for real-time, high-fidelity intelligence - critical to any modern, proactive defense strategy.”

Dave Ahn
Chief Architect and VP, Centripetal

Watch

our webinars and get to know DomainTools right now.

Wach on-demand demo
Learn More

Experience

DomainTools with a live query and see how fast it can be.

Experience DomainTools
Learn More

Connect

with an expert and book your custom one-on-one demo.

Connect with an expert
Learn More

Heading

Login
Contact
Support
Request a Demo
>