Proofpoint wants a patent for its domain discovery system.
Cybersecurity company Proofpoint (NASDAQ: PFPT) has filed a patent application (pdf) for a reverse Whois system.
Reverse Whois refers to finding all of the domain names associated with a given owner. A typical reverse Whois lookup involves using an email address or Registrant Name in Whois and discovering the domain names associated with it.
Proofpoint’s system is designed to start with a seed domain name owned by a company. It then runs reverse Whois checks on the Whois data and infrastructure around the domain name. It uses what data is available to try to determine all of the domains owned by the same entity.
If the domain uses Whois privacy, it will look at the domain’s infrastructure (name servers, IP addresses, MX records, etc.). The system can use a combination of data to try to ascertain which domains belong to the entity.
One goal of a system like this is to determine when a bad actor registers a brand domain.
The system sounds a lot like some of the tools that DomainTools offers.
Proofpoint filed the original patent application (Ser. No. 16/244,955) in January 2019 and filed a continuation patent application (Ser. No. 17/129804) in December 2020. The U.S. Patent and Trademark Office published the continuation application today.