Maltego

Streamlined Incident Response

Together, DomainTools® and Maltego have simplified cyber investigations to provide actionable insights and expedite the investigation process. Extending the rich DNS, Whois, and beyond Whois datasets, DomainTools integrates with Maltego to provide seamless workflows from the DomainTools Iris Investigate®user interface directly to the Maltego graph.

Empower Investigators and Analysts

Map connected infrastructure, run correlations, look at attribution, highlight risky domains, etc. to surface meaningful insights

• Increase the chance of intersection with existing graph data from other sources to open up new investigative pathways
• Quickly identify which graph node to pivot on by consulting the Guided Pivot count present on nearly every entity these transforms act on
• Pivot and infer connection between one domain and another, assisting with mapping out a potential threat actor or group’s TTPs (tactics, techniques, and procedures) using guided pivots.

‍

Domain Enrichment Transforms

These transforms operate on domain names and deliver Maltego entities or generic phrases that are ideally suited for follow-on enrichment with DomainTools transforms or those from other sources.

‍

Investigate & Pivot Transforms

These transforms query the DomainTools Iris dataset and return domain names that share the same attributes as the value of the entity.

‍