TMCnet News
DomainTools Joins IBM Security App Exchange CommunitySEATTLE, March 13, 2018 /PRNewswire/ -- DomainTools, a leader in domain name and DNS-based cyber threat intelligence, today launched the DomainTools App for QRadar, which integrates with IBM security intelligence technology to enable threat hunting and thorough incident response. The solution is powered by DomainTools' proprietary risk scores and comprehensive domain profiles applied at enterprise scale to create on-site threat intelligence from proxy, DNS and email log data. The new application is freely available to the security community through IBM Security App Exchange, a marketplace where developers across the industry can share applications based on IBM Security technologies. As threats are evolving faster than ever, collaborative development amongst the security community will help organizations adapt quickly and speed innovation in the fight against cybercrime. The DomainTools App leverages IBM QRadar, the company's security intelligence platform which analyzes data across an organization's IT infrastructure in real-time to identify potential security threats. Leveraging QRadar's new open application programming interfaces (API), DomainTools App for QRadar allows DomainTools and IBM customers to respond to advanced threats with:
Advanced threats are organized groups of real people, so mature security teams take an actor-centric approach. They care less about IP addresses and more about names and email addresses. Since advanced groups try to avoid re-using malware and infrastructure, traditional blacklists are not as effective. Instead, teams source their own threat intelligence by aggregating logs across their organization, especially web proxy and DNS logs. This is critical because these actors are hard to detect and have long dwell times in victim networks. Finally, since IOCs (Indicators of Compromise) shift quite rapidly, making them difficult and expensive to correlate with published threat intelligence, top organizations focus instead on the actor's tactics, techniques, and procedures, or TTPs, which change less frequently and, with the right data, can be detected more precisely. About DomainTools About IBM Security
View original content with multimedia:http://www.prnewswire.com/news-releases/domaintools-joins-ibm-security-app-exchange-community-300612876.html SOURCE DomainTools |