IBM Resilient

Key Benefits

Respond Faster and More Efficiently
- Speed up incident handling by ensuring analysts have everything they need to triage an event
- Leverage domain name and IP address Whois lookups in ad-hoc actions on events
- Add domain name profiles, ownership history, and hosting history automatically in workflows
- Discover how many domains share an identity, a name server, or a hosting IP
- Avoid context switching and preserve important artifacts in an event context
Download From IBM App Exchange
Orchestrate and Automate Response
- Leverage DomainTools Risk Score to predict how likely a domain is to be malicious and take automated actions
- Enrich an event with connected domains to inform workflows to take the appropriate action
- Identify domains that have been tagged via your SOC/CSIRT within DomainTools inside of IBM Resilient

Support and Learning

User Guides

DomainTools App for IBM Resilient

Learn More
Webinar

SOARing with DomainTools and IBM Resilient

Learn More
Blog

Brand Protection In Iris Investigate

Learn More

About IBM Resilient

IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform is the leading platform for orchestrating and automating incident response processes. IBM Resilient SOAR Platform quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.