Facilitates automation of key infrastructure characterization and hunting portions of the incident response process. Organizations will have access to essential domain profile, web crawl, SSL, and infrastructure data from within Cortex XSOAR. Requires a DomainTools Iris Investigate API key.
Together, DomainTools and Cortex XSOAR automate and orchestrate the incident response processes with essential domain profile, web crawl, SSL, and infrastructure data delivered by the DomainTools Iris Investigate API. SOCs can create custom, automated workflows to trigger Indicator of Compromise (IoC) investigations, block threats based on connected infrastructure, and identify potentially malicious incidents before weaponization.
With the DomainTools Iris App for Cortex XSOAR, the Iris dataset is available not only for ad-hoc War-Room investigations on specific incidents, but also for automated actions. Organizations will be able to fetch a complete Iris profile for a domain name including:
- IP address and hostname details for the name servers, mail servers, and web servers powering the domain.
- SSL certificate details and tracking codes for the website hosted on the domain.
- Gathers email addresses extracted from DNS SOA records.
- Provides DomainTools Risk Score with components and evidence.
This app requires an Iris Investigate API key. Please contact sales@domaintools.com for a trial.
For more information, visit DomainTools Iris App for Cortex XSOAR
Together, DomainTools and Cortex XSIAM automate and orchestrate the incident response processes with essential domain profile, web crawl, SSL, and infrastructure data delivered by the DomainTools Iris Investigate API. SOCs can create custom, automated workflows to trigger Indicator of Compromise (IoC) investigations, block threats based on connected infrastructure, and identify potentially malicious incidents before weaponization.
With the DomainTools Iris App for Cortex XSIAM, the Iris dataset is available not only for ad-hoc War-Room investigations on specific incidents, but also for automated actions. Organizations will be able to fetch a complete Iris profile for a domain name including:
- IP address and hostname details for the name servers, mail servers, and web servers powering the domain.
- SSL certificate details and tracking codes for the website hosted on the domain.
- Gathers email addresses extracted from DNS SOA records.
- Provides DomainTools Risk Score with components and evidence.
This app requires an Iris Investigate API key. Please contact sales@domaintools.com for a trial.
For more information, visit DomainTools Iris App for Cortex XSIAM