Enrichment, Hunting, and Alerting
When you add world-class passive DNS and domain registration data to one of the leading SIEM platforms, a lot of powerful incident response (IR) and hunting use cases are unlocked. The DomainTools® App for Microsoft Sentinel allows customers to rapidly enrich domains with Domain Risk Score, domain age, Whois, IPs, active and passive DNS provided by Farsight’s DNSDB, and other connected infrastructure data to surface evidence of malicious activity.
Precisely Target Alerts and Hunt Threats Across Your Enterprise
Support and Learning
About Microsoft Sentinel
Microsoft Sentinel is a scalable, cloud-native solution that provides:
- Security information and event management (SIEM)
- Security orchestration, automation, and response (SOAR)
Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise. With Microsoft Sentinel, you get a single solution for attack detection, threat visibility, proactive hunting, and threat response.