New platform helps security teams quickly find the source of attacks.
DomainTools launched its new Iris platform today, making it easier for companies to quickly investigate security attacks and determine their sources.
Iris integrates many of DomainTools’ existing data sets into an easy-to-use workflow. While targeted to enterprises without the resources necessary to manage their own systems tapping into DomainTools’ API, it could also be helpful for domain name attorneys and other people trying to find out who is behind a domain name.
The platform allows you to start with one piece of data, such as a domain name, and connect the dots to other data points. Even domain names protected with whois privacy can be connected based on data such as IP address, MX records, and Google Analytics and Adsense code.
DomainTools executives gave me a preview of the system yesterday. In one example, the company showed how a business could find out other domain names owned by someone undertaking a spear phishing attack. This would allow the company to block access to these other domain names before one of its employees fell victim to the phishing attempt.
While many people who read Domain Name Wire are already familiar with how to use DomainTools’ system to investigate domain names, I believe Iris makes the workflow easier. It also makes it easier to run ongoing monitoring associated with an investigation.