Overview

DomainTools Iris Investigate is a sophisticated threat intelligence platform designed to assist security analysts in identifying and mitigating cyber threats. It offers comprehensive domain intelligence, risk scoring, and access to extensive domain, DNS, and SSL datasets. With an intuitive web interface and robust API integration, Iris Investigate enables users to efficiently investigate potential cybercrime and cyberespionage activities. The platform's capabilities include mapping connected infrastructure, assessing domain risks, and analyzing historical domain data to provide actionable insights for threat detection and prevention.

Features and Capabilities

• Domain Risk Score
  • Quickly assess whether to allow, conditionally allow, or deny various types of connections.
  • Determine the potential harm a domain may cause upon registration.
  • Gain visibility into the type of risk a domain represents.
• Domain History
  • Access over a decade of Whois records to uncover connections not evident in current records.
  • View both historical and current infrastructure associated with a domain, utilizing extensive passive DNS records.
  • Track the evolution of threat actor campaigns through the domains and IP addresses they have used.
• SSL Profiles
  • Analyze certificate contents to assess the trustworthiness or risk level of the domain hosting the certificate.
  • Identify other domains sharing the same certificate.
  • Pivot to other domains listed in the Subject Alternative Name section.
• API Offerings
  • Provides numerous domain name attributes, including Risk Score, DNS, Whois, SSL, and more.
  • Facilitates easy pivoting through different domain name attributes, exposing meaningful insights with connection counts on most data fields.
  • Designed for human-scale interactions and seamless integration with third-party or custom-built platforms.
• Data Confidence
  • Offers near real-time risk scoring on all newly registered and discovered domains.
  • Covers over 97% of currently registered domains.
  • Establishes sophisticated associations across datasets to accelerate action.