Proofpoint wants a patent for its domain discovery system.
Cybersecurity company Proofpoint (NASDAQ: PFPT) has filed a patent application (pdf) for a reverse Whois system.
Reverse Whois refers to finding all of the domain names associated with a given owner. A typical reverse Whois lookup involves using an email address or Registrant Name in Whois and discovering the domain names associated with it.
Proofpoint’s system is designed to start with a seed domain name owned by a company. It then runs reverse Whois checks on the Whois data and infrastructure around the domain name. It uses what data is available to try to determine all of the domains owned by the same entity.
If the domain uses Whois privacy, it will look at the domain’s infrastructure (name servers, IP addresses, MX records, etc.). The system can use a combination of data to try to ascertain which domains belong to the entity.
One goal of a system like this is to determine when a bad actor registers a brand domain.
The system sounds a lot like some of the tools that DomainTools offers.
Proofpoint filed the original patent application (Ser. No. 16/244,955) in January 2019 and filed a continuation patent application (Ser. No. 17/129804) in December 2020. The U.S. Patent and Trademark Office published the continuation application today.
Mike says
Well I shall look forward to suing whoever uses such a system for breach of GDPR ,Privacy and any other relevant law. As for DomainTools, let us see.
samfrida says
How is this patent worthy if the fields listed are public? Whois data – seriously, if folks are dependent on it, they need to wake up.
Ken Hansen says
Proofpoint is attempting to get a patent for threat hunting. Thousands do this every day for decades.