DomainTools Announces Enhanced App for Splunk to Reduce Cyber Threat Detection and Response Time

0
34

 

DomainTools, the leader in domain name and DNS-based cyber threat intelligence, today announced the general availability release of the 4.1 version of its app for Splunk, provider of the Data-to-Everything® Platform. With several key feature enhancements, including support for early adopters of Splunk 8.0 (and Python 3), users will see improved capabilities, performance, and user experience.

The DomainTools App for Splunk provides direct access within Splunk to industry-leading threat intelligence data on domain names, the individuals who control them, and the infrastructure that supports them. The app is available for download on Splunkbase.

Customers who deploy the app in Splunk will benefit from:

  • Capability to integrate threat investigation and incident response workflows in Splunk
  • Mass enrichment of domain observables with DomainTools intelligence
  • Proactive monitoring of malicious domains within Splunk
  • Discovery of new domain IOCs related to network observables from within Splunk

“With attackers taking advantage of the pandemic and attack surfaces increasing with the shift to remote work, security teams are facing new challenges around putting security events in context to actively defend their organizations. The DomainTools App for Splunk allows customers to enrich and monitor malicious domains at scale without leaving the Splunk interface,” said Jackie Abrams, VP of Product, DomainTools.

The DomainTools App for Splunk is powered by the DomainTools Risk Score, a proprietary scoring algorithm that finds malicious domain names before they can be weaponized. The technology is based on machine learning algorithms applied to DomainTools’ unparalleled coverage of domain name features and infrastructure characteristics.

Download the DomainTools App for Splunk 4.1 now on Splunkbase: https://splunkbase.splunk.com/app/5226/

Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light, and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries.

LEAVE A REPLY

Please enter your comment!
Please enter your name here