Proven Methods for Threat Hunting with Splunk and DomainTools

According to a recent SANS Survey Report, more than 61% of respondents said threat hunting provides a measurable improvement to their overall security posture. DomainTools Iris and PhishEye can help you double down on threat detection and incident management by enriching domains with a variety of datasets to surface potentially malicious activity as quickly and accurately as possible.

Tune into this technical session featuring Splunk’s Principal Security Strategist, Ryan Kovar, and DomainTools Director of Research, Sean McNee at 10 AM PT/1 PM ET on June 16th. Ryan and Sean will illustrate how to leverage the capabilities of our rich Iris and PhishEye data sets within Splunk to provide better visibility and context into your network traffic, gain event enrichment-at-scale, and compile proactive risk scoring with selective targeting.

In this webinar, you will learn:

  • How to create notable events from DomainTools data and set policies based on those events
  • Where to leverage comprehensive domain monitoring to identify those domains on your network
  • How to add DomainTools free COVID-19 Threat List to Splunk Enterprise Security
  • A deep dive into the DomainTools Risk Score and Hotlist, and how it adds immediate value to Splunk Enterprise Security