Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.



DomainTools, the recognized leader in domain name research and monitoring tools, offers the most comprehensive searchable database of domain name registration, Whois records and hosting data for online investigations and research. Cyber security analysts, fraud investigators, domain professionals and marketers use DomainTools to investigate cybercrime, protect their assets and monitor online activity. DomainTools has 12 years of history on domain name ownership, Whois records, hosting data, screenshots and other DNS records. That's why customers say, "Every online investigation starts with DomainTools." DomainTools customers include many Fortune 1000 companies, leading vendors in the Security and Threat Intelligence community and most crime-fighting government agencies. Individual users can start with an online Free Trial available at Enterprise accounts are available from

Our Website:

Latest Content From DomainTools

Whitepaper: The Value of Threat Intelligence with DomainTools: Identify Threats 82% Faster

by DomainToolsJun 29, 2020

There is an increasing chasm between the number of qualified cybersecurity professionals and the number of people needed to fill those roles. DomainTools is a vendor that seeks to address these challenges by offering context rich threat intelligence solutions. DomainTools offerings involve using indicators, including domains and IP addresses, to develop risk assessments, profile attackers, guide investigations, and map cyber activity to attacker infrastructure.

Download this white paper to learn how DomainTools Threat Intelligence solutions can help empower your security teams to:
• Identify threats 82% faster
• Proactively identify 3x more threats
• Lower chance of incidents by 19%
• Improve productivity for threat investigation teams by 51%

Webcast: Thinking Like an Attacker: Strategies for Defense

by DomainToolsJun 03, 2020

More and more, enterprises are discovering that the best way to test and defend their organization is to view their IT environment from the perspective of an attacker. But how do you predict an attacker's motives and simulate their methods, and how do you know that you aren’t overlooking key vulnerabilities? In this Dark Reading webinar, experts discuss methods for testing your security’s mettle by thinking like your adversary.

Research Report: 2020 SANS Cyber Threat Intelligence

by DomainToolsApr 06, 2020

Cyber Threat Intelligence (CTI) is analyzed information about the capabilities, opportunities and intent of adversaries that meets a specific requirement determined by a stakeholder. Organizations with CTI programs focus on understanding the threats they face and providing specific information to help defend against those threats. In the past few years, CTI has evolved from small, ad-hoc tasks performed disparately across an organization to, in many cases, robust programs with their own staff, tools and processes that support the entire organization.

2020 was a big year for the SANS CTI Survey, with a record number of respondents and the highest ever reporting of CTI programs within organizations, with 1,006 responding to the survey in 2020 and just 505 responding in 2019. There were some areas that leveled out after years of growth--such as implementation of threat intelligence platforms and a focus on tactics, techniques and procedures (TTPs) over just indicators of compromise (IoCs)--and some areas that continued to grow both in number and variety, such as the types of data being used to generate intelligence. As the field settles into its new maturity, understanding and improving the effectiveness of CTI programs will become even more critical.

This survey also includes information surrounding:
• The value of CTI
• Best practices for defining CTI requirements
• How organizations leverage CTI
• Next steps for the CTI community based on data

Whitepaper: SANS Cyber Threat Intelligence Survey

by DomainToolsJan 08, 2020

Cyber threat intelligence (CTI) analyzes information about the intent, capabilities and opportunities of adversaries in cyberspace, making it a valuable resource for organizations as well as individuals serving in roles such as network architects, security operations team members, incident responders and high-level decision makers, all of whom must be prepared for the wide range of threats challenging their organizations. SANS has been tracking the evolution of CTI as a mechanism for prevention, detection and response through seven CTI summits and five surveys, and has seen a gradual maturation of the field and its applications in information security.

This survey also includes information surrounding:

• The value of CTI
• Best practices for defining CTI requirements
• How organizations leverage CTI

Whitepaper: Powering Incident Response by Operationalizing Threat Intelligence

by DomainToolsJan 08, 2020

Threat intelligence is the pathway that leads us to clear and actionable knowledge about malicious actors. The challenge with threat intelligence, however, is that while security teams have boundless access to both free and paid threat data feeds, they are often overwhelmed with information. The vast amount of data and alerts, combined with the resource shortage most face, makes it difficult to turn the data into intelligence that applies to the organization, and then translate that insight into actions that decrease the attack surface or address real, imminent threats.

More than half of organizations report a problematic shortage of cybersecurity skills. The industry's global skills gap is forecasted to result in a record high of 3.5 million unfilled positions by 2021. Hiring more people is currently not an option for teams who are inundated with security data, alerts and incidents. Rather, practioners need to operationalize threat intelligence, so they are empowered with better, faster, smarter ways to query, learn from and enrich threat data so it can be put into action.

This paper includes information surrounding:

• Situational analysis
• Extracting value from threat intelligence
• A real world look at operationalizing threat intelligence

Whitepaper: The Value of Threat Intelligence

by DomainToolsJan 08, 2020

Is it possible to overcome the daunting challenge of knowing everything that's going on inside and outside the network? Tarik Saleh, Senior Security Engineer at DomainTools believes the answer is yes--if security teams take new approaches to how they think about, vet and validate intelligence, indicators and adversary behaviors.

This paper will discuss detection strategies to reduce false positives, and models that improve threat hunting and investigations outcomes. It will also cover leading tools that help teams make the most of their limited time and resources.

This paper includes information surrounding:

• Types of threat detection
• Strategies to fine-tune threat detection and response
• Tools to support a behavior-led detection strategy

Research Report: 2019 Threat Hunting Report

by DomainToolsOct 14, 2019

Based on a comprehensive survey of cybersecurity professionals in our 400,000-member Information Security Community on LinkedIn, the 2019 Threat Hunting Report confirms that organizations are increasing their operational maturity and investments in threat hunting. Organizations realize that proactively uncovering security threats pays off with earlier detection, faster response, and effective denial of future exploits that can damage business operations.

This survey also includes information surrounding:

• Key security challenges
• Which data collections and indicators are valuable for threat hunting
• Top benefits of threat hunting

Whitepaper: Developing a Threat Hunting Program: Checklist: A 5-Step Guide

by DomainToolsOct 14, 2019

This 5-step guide will help you understand how to conduct internal and external threat hunting activities in a programmatic manner as well as help organizations new to threat hunting create the foundations for conducting threat hunts.

Research Report: 2019 SANS Incident Response Survey Report

by DomainToolsOct 14, 2019

Information security rarely has a dull day. The past year delivered significant data breaches, impacting industries ranging from hospitality to legal to social media. We've seen a continuation of financially motivated threats, such as business compromise (BEC), which continue to pillage and drain corporate bank accounts. Ransomware has brought multiple cities to their knees, earning threat actors significant funds in the process. Coupled with the ever-looming threat that a nation-state-sponsored threat actor might pull an organization into its crosshairs, there's little reason to cease vigilance in enterprise networks.

Vigilance requires the ability to be nimble and flexible, especially given the array of options available to threat actors these days. In the surveys past, we commended our respondents on improving response times, increasing the use of threat intelligence, and upping the amount of automation and integration within their networks. However, the work is never done; we must constantly be improving. The aforementioned threats aren't necessarily new, but perhaps more refined. For example, some threat actors have moved from noisy, custom malware to "living off the land" with built-in Microsoft Windows capabilities. And in that spirit, we identify the theme for this year's survey: It's time for a change.

    This year's survey shows crucial improvement in incident response (IR). We love some of this year's increases:
  • Containment and remediation-- two of the most important phases of incident response-- saw shorter times.
  • Incidents were detected internally at a much higher ratio
  • False positives declined, which we hope means organizations have gotten better at classifying their incidents.

Whitepaper: SANS Top New Attacks and Threat Report

by DomainToolsJul 22, 2019

Read this report to better understand the top new attacks and threats, gain deeper insight into cybersecurity trends on both the offensive and defensive sides, and get advice on steps enterprises must take to mitigate current and future risks.