


DomainTools, the recognized leader in domain name research and monitoring tools, offers the most comprehensive searchable database of domain name registration, Whois records and hosting data for online investigations and research. Cyber security analysts, fraud investigators, domain professionals and marketers use DomainTools to investigate cybercrime, protect their assets and monitor online activity. DomainTools has 12 years of history on domain name ownership, Whois records, hosting data, screenshots and other DNS records. That's why customers say, "Every online investigation starts with DomainTools." DomainTools customers include many Fortune 1000 companies, leading vendors in the Security and Threat Intelligence community and most crime-fighting government agencies. Individual users can start with an online Free Trial available at Enterprise accounts are available from


Latest Content From DomainTools

Webcast: Making Security Orchestration Automation and Response (SOAR) Work in Your Enterprise

by DomainTools, Aug 17, 2021

Over the past few years, many enterprises have been improving cybersecurity by implementing the Security Orchestration, Automation, and Response (SOAR) framework, which provides a path to collect threat data from multiple sources and respond to some security events automatically. How does SOAR work in the enterprise? How does it lower security risk, and what skills and tools do you need to make it work in your own organization? In this webinar, experts answer these questions and provide recommendations on practical implementation of the SOAR concept.

Whitepaper: Formulating a Robust Pivoting Methodology

by DomainTools, Jun 24, 2021

Cyber Threat Intelligence (CTI) operations are founded on the idea of being able to expand perspective to highlight likely adversary activity and artifacts related to such operations—commonly referred to as "pivoting." Yet while pivoting remains a central aspect of CTI tradecraft, the concept lacks a robust, agreed definition among practitioners and is often distilled to little more than intuition in many applications.

While this paper will not seek to completely "solve" the issue of a formal pivoting definition, by examining the nature and characteristics of Indicators of Compromise (IOCs) and even raw, unitary indicators, we can begin formulating a more robust approach to pivoting in practice. By viewing indicators as composite objects with various subcomponents, we arrive at a view where various pieces that make up the fundamental nature of the indicator can be used in various combinations to identify similarly-structured objects. More significantly, such patterns and combinations yield not just additional indicators through research and investigation, but they also shed light on fundamental adversary tendencies and behaviors.

This paper includes information surrounding:

  • The practice of pivoting as a concept and a methodology
  • The significance of Indicators of Compromise (IOCs)
  • Indicators as composite objects
  • Inferring adversary behaviors and uncovering attacker tendencies

Whitepaper: The 2021 Threat Hunting Report

by DomainTools, Apr 05, 2021

Threat hunting continues to evolve for organizations that focus on proactively detecting and isolating Advanced Persistent Threats (APTs) that might otherwise go undetected by traditional, reactive security technologies.

While many SOCs are struggling to cope with the current security threat workload, more organizations are adopting threat hunting as part of their security operations. They are discovering that proactive threat hunting can reduce the risk and impact of threats while improving defenses against new attacks.

This survey includes information surrounding:
• Benefits of threat hunting
• The most important skills for threat hunters
• Investments for better threat hunting
• Insights into adversaries

Whitepaper: The Impact of the SolarWinds Breach on Cybersecurity

by DomainTools, Apr 05, 2021

The SolarWinds hack has presented a cybersecurity reckoning at a scale never before seen for the US government and private enterprises. While the width and depth of state-sponsored attacks are yet to be determined, one thing is certain: the fallout from the SolarWinds hack is going to get worse before it gets better.

To help determine the impact this breach has had on organizations, DomainTools conducted a survey among security professionals in order to provide the infosec community with insights into the cybersecurity world post-SolarWinds.

Survey highlights and areas of relevance include:
• How organizations handled the hack and how job roles were impacted
• How the priorities of threat hunting and DNS and domain-level intelligence were affected
• What resources have been reallocated and how budgets have shifted
• How organizations are reevaluating risk under the assumption they were compromised
• What process improvements have been made in response to state-sponsored attacks

Research Report: SANS 2021 Cyber Threat Intelligence Survey

by DomainTools, Jan 19, 2021

Cyber Threat Intelligence (CTI) is analyzed information about the capabilities, opportunities, and intent of adversaries conducting cyber operations. Adversaries tend to operate in and across digital networks and equipment that shape and impact businesses, critical infrastructure, and our daily lives. Understanding how threats are targeting information, systems, people, and organizations helps organizations and individuals alike understand how to perform threat hunting and security operations, respond to incidents, design better systems, understand risk and impact, make strategic changes and protect themselves from future harm.

Even with the difficulties that 2020 brought, CTI work has continued to grow and mature -- a record number of organizations report that they have clearly communicated intelligence requirements as well as methods and processes in place to measure the effectiveness of CTI programs. These improvements continue to show the resilience of the field and the value of CTI as a resource for clarity and prioritization when complex challenges arise.

This survey also includes information surrounding:
• The value of CTI
• The reversal of recent CTI trends
• How organizations and CTI analysts are adapting to remote work
• Improvements regarding automated tools and processes
• How the CTI field is growing and next steps for the community

Research Report: 2020 Threat Hunting Report

by DomainTools, Oct 06, 2020

In 2020, Cybersecurity Insiders conducted the third annual research project on threat hunting to gain deeper insights into the maturity and evolution of the security practice. This Threat Hunting Report is based on the results of a comprehensive online survey of cybersecurity professionals, to gain deep insight into the latest trends, key challenges, and solutions for threat hunting management. The respondents range from technical executives to managers and IT security practitioners, representing a balanced cross-section of organizations of varying sizes across multiple industries.

The research confirms that organizations are increasing their operational maturity and investments in threat hunting. Organizations realize that proactively uncovering security threats pays off with earlier detection, faster response, and effective denial of future exploits that can damage business operations.

This survey also includes information surrounding:

  • Primary goals of an organization's threat hunting programs
  • Threat Hunting Automation
  • Top benefits of threat hunting
  • Threat Hunting as an investment

Whitepaper: Cybersecurity Report Card

by DomainTools, Oct 06, 2020

2020 has been a year filled with uncertainty. Many industries were either unprepared or not designed to move to a fully remote work environment with haste. Those on the cyber defense frontlines were faced with new challenges in multiple areas as an increase in cyberattacks coincided with the sudden shift to remote work. The progress made over the previous years towards a more mature security posture equipped many organizations with the skills and tools to meet these challenges head on. As a result, the number of reported breaches this year did not increase, despite the pandemic.

This paper outlines the results of DomainTools' fourth annual Cybersecurity Report Card Survey. More than 520 security professionals from companies ranging in size, industry, and geography were surveyed about their security posture and asked to grade the overall health of their programs. Almost 60 percent of respondents are on the cyber frontlines as security researchers, analysts or threat hunters. The responses built on the results of the previous 2017, 2018, and 2019 Report Cards. The environment that this year's survey was conducted in differs markedly from previous years due to the upheaval that arose from the global pandemic.

Key findings from this survey include:

  • The growing sophistication of organizations' threat hunting capabilities
  • Important trends in common attack vectors
  • Common traits of grade "A" respondents
  • Keys to success in 2021

Whitepaper: The Value of Threat Intelligence with DomainTools: Identify Threats 82% Faster

by DomainTools, Jun 29, 2020

There is an increasing chasm between the number of qualified cybersecurity professionals and the number of people needed to fill those roles. DomainTools is a vendor that seeks to address these challenges by offering context-rich threat intelligence solutions. DomainTools offerings involve using indicators, including domains and IP addresses, to develop risk assessments, profile attackers, guide investigations, and map cyber activity to attacker infrastructure.

Download this white paper to learn how DomainTools Threat Intelligence solutions can help empower your security teams to:
• Identify threats 82% faster
• Proactively identify 3x more threats
• Lower chance of incidents by 19%
• Improve productivity for threat investigation teams by 51%

Research Report: 2020 SANS Cyber Threat Intelligence

by DomainTools, Apr 06, 2020

Cyber Threat Intelligence (CTI) is analyzed information about the capabilities, opportunities and intent of adversaries that meets a specific requirement determined by a stakeholder. Organizations with CTI programs focus on understanding the threats they face and providing specific information to help defend against those threats. In the past few years, CTI has evolved from small, ad-hoc tasks performed disparately across an organization to, in many cases, robust programs with their own staff, tools and processes that support the entire organization.

2020 was a big year for the SANS CTI Survey, with a record number of respondents and the highest ever reporting of CTI programs within organizations, with 1,006 responding to the survey in 2020 and just 505 responding in 2019. There were some areas that leveled out after years of growth--such as implementation of threat intelligence platforms and a focus on tactics, techniques and procedures (TTPs) over just indicators of compromise (IoCs)--and some areas that continued to grow both in number and variety, such as the types of data being used to generate intelligence. As the field settles into its new maturity, understanding and improving the effectiveness of CTI programs will become even more critical.

This survey also includes information surrounding:
• The value of CTI
• Best practices for defining CTI requirements
• How organizations leverage CTI
• Next steps for the CTI community based on data

Whitepaper: SANS Cyber Threat Intelligence Survey

by DomainTools, Jan 08, 2020

Cyber threat intelligence (CTI) analyzes information about the intent, capabilities and opportunities of adversaries in cyberspace, making it a valuable resource for organizations as well as individuals serving in roles such as network architects, security operations team members, incident responders and high-level decision makers, all of whom must be prepared for the wide range of threats challenging their organizations. SANS has been tracking the evolution of CTI as a mechanism for prevention, detection and response through seven CTI summits and five surveys, and has seen a gradual maturation of the field and its applications in information security.

This survey also includes information surrounding:

• The value of CTI
• Best practices for defining CTI requirements
• How organizations leverage CTI