DomainTools App for Splunk (Legacy)

The DomainTools App for Splunk provides direct access within Splunk to DomainTools' industry-leading threat intelligence data on domain names, the individuals who control them, and the infrastructure that supports them. ++ We have a new DomainTools App supporting Splunk 8.x environments and built on the latest SDK. Please see 'Details' tab to access the new app ++ Customers who deploy the app in Splunk benefit from: + Increased visibility to events associated with risky domain names + Precisely targeted threat hunting activities + Rich domain data pre-populated in Splunk lookups and indexes + Proactive Monitoring of malicious domains leveraging PhishEye API + Leverage Tagged Domains from DNS Investigations from DomainTools Iris platform + Surface Notable Events in Splunk ES with DomainTools Risk Score The DomainTools App for Splunk is powered by the DomainTools Risk Score, a proprietary scoring algorithm that finds malicious domain names before they can be weaponized. The technology is based on machine learning algorithms applied to DomainTools' unparalleled coverage of domain name features and infrastructure characteristics. The app also includes Threat Hunting Dashboard to gain quick situational awareness of the risk presented by domain names on your network and helps guide teams to effectively leverage DomainTools data in their SOC workflows.