RiskIQ PassiveTotal provides access to the most comprehensive internet data sets available to protect organizations from modern cybersecurity threats. The platform maps and exposes threat infrastructure and provides unparalleled context and intelligence to events and incidents.
What does this pack do?
The content pack PassiveTotal provides the following capabilities:
- Returns the DomainWhois record for the registered domain name portion of the hostname.
- Search all tracker addresses and host information.
- Active account sources can be used to retrieve passive DNS results.
- Retrieves the SSL certificate history.
- Returns the exposed services that are relevant to the query.
- Delivers insights into adversary threat infrastructure organized around a set of purpose-built intelligence profiles.
- Provides dynamic reputation scoring on IPs and domains.
- Delivers prioritized insights on an organization’s attack surface, including impacted assets (observations).
- The practical picture of vulnerability risk, focused on a specific Attack Surface (your own or a third-party vendor).