Give Bad Actors More Bad Days: New Enhancements to Iris Investigate

New Features Improve Detection and Response to Malicious Infrastructure

Tens of thousands of domains are registered on the Internet daily for phishing, command and control (C2), data exfiltration, and other illicit activity. Incident response teams, threat intelligence managers, and SOC managers need a complete picture of the infrastructure associated with a threat in order to stop the next attack from the same actor. 

Using Iris Investigate, threat hunters, incident responders, and other SOC personnel can quickly identify malicious infrastructure and mine 20+ years of Whois records to make connections and track threat actors’ campaign evolutions, and assess potential risks.  

Join Tim Helming and Grant Cole for a live demonstration of Iris Investigate so you can elevate your security operations and get to the data that matters most. Our presenters will cover: 

• Domain History: See how a domain evolves over time. You can trace when a domain potentially becomes malicious by tracing who controlled it, where it was hosted, what web content it provided and more.
• Enhanced Certificates: Faster gathering of certificates and more powerful queries against certificate data
• More Web Trackers: We are gathering new web trackers to improve the overall breadth and depth of web content that we capture, making it easier to find malicious actors recycling webpages across domains. 
• Additional enhancements in passive DNS, IP Profile data, user-triggered Whois record updates, and more.