Domaintools Header
  • Product Presentation
  • Technik I
  • SIEM / Threat Analytics / SOC

Fingerprinting Threat Actors with the Iris Investigation Platform

See how to use the power of domain and DNS threat intelligence to investigate threat actors through their digital fingerprints.

10/6/2020 4:30:00 PM – 10/6/2020 4:45:00 PM

Please log in or register in advance so that you can take part in actions or watch videos about the action!

This action is available to the it-sa 365 community as a video.

Domaintools Header
  • Product Presentation
  • Technik I

See how to use the power of domain and DNS threat intelligence to investigate threat actors through their digital fingerprints.

Language: English

Questions and Answers: Yes

graphical blue background
close

This video is available to the it-sa 365 community. Please register or log in with your login data.

Action description

Threat actors are constantly applying new methods, making it impossible to know everything about them or their capabilities. But, security teams can begin to discover digital fingerprints that will help lead to additional clues, just like in an investigation of a physical crime.

In this session, you will see a demonstration of a threat investigation that uses the power of domain and DNS intelligence to find the digital fingerprints of threat actors in the DomainTools Iris Investigation Platform.

Within Iris, security analysts can pivot across pieces of information like nameserver, Whois information, email domains, shared hosting and related domains can provide additional paths for investigators to search and reveal additional unknown domains or details to help tell the full story about a threat.

read more

Speaker