How Whois Data Ensures a Safe and Secure Internet
Each year, millions of individuals, businesses, organizations and governments register domain names in the publicly accessible, global domain name system (DNS). ICANN, the organization responsible for the security and stability of the Internet, enforces a level of trust and transparency by requiring these entities provide contact information in exchange for listing in the domain name system. That data is then made publicly available through a network protocol known as Whois which functions as a kind of domain name White Pages that anyone on the Internet can access if they have problems with a domain or the services it is hosting.
At least, that was the expectation three decades ago when the Whois and DNS protocols
were conceived. Today, most Internet users are unaware that Whois data is available as a way to protect themselves from malware, fraud, ransomware and other types of nefarious online
activities. They are also unaware that security professionals and cybercrime investigators
consider information on domain name registrants vital to their daily efforts to keep Internet
users safe and their organizations secure.
This White Paper Will Cover:
- Three essential cybersecurity workflows: Risk assessment/mitigation, enumeration/correlation, and attribution/remediation
- Why publicly available whois data is a fundamental part of these workflows
- Real world examples of public domain ownership data in cybersecurity workflows