Platform

Iris Enrich

Integrate DomainTools ® data with SIEM, SOAR, and other tools

Request a DemoWatch the Demo
DomainTools Iris Enrich Product Post Video Background

Enrich on-network
indicators at-scale

The DomainTools Iris data set helps analysts, detection engineering teams, threat hunters, and other practitioners obtain critical situational awareness on domains or IP addresses observed in the protected environment. Whois, DNS, SSL certificate, and risk scoring elements help build out the needed context for the appropriate disposition of indicators. Iris Enrich APIs are REST-based and OpenAPI compatible, making it easy to incorporate into your own internal tools.

Key Benefits

  • Comprehensive Data Sources
  • Insights into Emerging Threats
  • Infrastructure Risk Assessment

Enhance SIEM, SOAR and Security Controls

  • Timely, comprehensive, and accurate

    • DomainTools has a best-in-class new infrastructure discovery engine for the earliest context on newly-registered domains and emerging attack campaigns.
    • The Iris database is the industry’s largest, with over 360 million active domains, and over 95% coverage across all TLDs.
    • Iris data comes from authoritative and well-vetted sources for reliable accuracy.

  • Domain registration profile data

    • The most comprehensive source of Whois data, including creation dates, registrant data, and active/inactive status indication.
    • DNS resolutions for hosting, MX, and name servers. SOA records often provide registrant contact even in domains with redacted Whois records.
    • SSL/TLS certificate hash, subject, organization, and email data.

  • Adaptable to many use cases

    • Internet infrastructure data offers many different kinds of insights into hacking threats, fraud, ransomware, phishing, brand infringement, attack surfaces, and adversary tools and methods.
    • The Iris Enrich API gives you the flexibility to design detections and controls that match your most pressing needs.

Iris Enrich API Offerings

Automate Enrichment of Domain and IP Indicators

  • Supports high query volumes of domain name attributes.
  • Provides actionable insights at scale with enterprise-class ingestion of DomainTools data to support 3rd party or purpose-built platforms.
  • Creates a seamless view of data to provide an easy transition from SIEM alert to human analysis.
Learn More

Confidence in the Data

The most trusted online infrastructure data. Anywhere.

Timely

Near real-time risk scoring on all newly registered and discovered domains

Comprehensive

>97% of currently registered domains

Connected

Sophisticated associations across datasets to accelerate action.

Related Iris Enrich Support & Learning

A selection of documents and materials related to DomainTools industry topics.

Related Products

Our security products can help you find out if a domain name is risky, who’s behind it, and what other cyber-assets are associated with it.

Iris Platform

See the full Iris Platform, powered by the gold standard in Internet intelligence

  • Detect
  • Investigate
Learn More

Farsight DNSDB

Plug into the world’s largest passive DNS intelligence solution.

Learn More

Threat Intelligence Feeds

Quickly predict the associated risk and threats of a domain or IP address.

Learn More

API Documentation

API access to data sets for flexible use in commercial and home-grown tools.

Learn More

Enterprise Membership Packages

Enterprise members get interactive access to premium research tools and unrivaled data.

See Package Details
DomainTools Logo
Pricing Contact Login Support Request a Demo

© 2024 DomainTools

DomainTools® and DomainTools™ are owned by DomainTools, all rights reserved.

Privacy Policy    |    California Privacy Notice
Do Not Sell My Personal Information    |    Terms of Service    |    Sitemap