DomainTools, the leading provider of DNS-based cyber threat intelligence, today announced the availability of DomainTools Iris Detect, an innovative new product designed to discover and monitor domain names spoofing brands, trademarks, or other domains with unprecedented speed, accuracy, and comprehensiveness. Building on the world’s largest databases of domain registration and Domain Name System (DNS) data developed by DomainTools and Farsight Security, the discovery engine underpinning Iris Detect identifies some 350,000 new domains every day—far more than any other technology available.
Iris Detect works by comparing global new domain registrations, discovered in near-real time, against brand terms selected by users. It also gives near-instant risk scoring of these domains based on proprietary DomainTools algorithms, and also captures screenshots; these details help the user make fast decisions about which domains represent the largest threat. Going beyond many competitive brand protection tools, Iris Detect continues to watch any domains the user flags as suspicious, to pick up signals of “weaponization” that could indicate that the domain is about to be used for malicious purposes. Moreover, Iris Detect also allows the user to escalate dangerous domains for enforcement actions, including blocking in security controls, or forwarding to Google Phishing Protection, which blocks dangerous domains in Chrome, Safari, and Firefox browsers.
Lookalike domains are implicated in phishing and malware attacks of various kinds, including ransomware, business email compromise (BEC), and credential harvesting, as well as counterfeiting and other kinds of brand abuse. The costs associated with these activities collectively run to the billions of dollars per year. But historically, it has been difficult for those on the defensive side of the battle to stay ahead of such abuse.
According to the FBI’s most recent Internet Crime Report, in 2020, the Internet Crime Complaint Center (IC3) received 19,369 business email compromise (BEC)/email account compromise (EAC) complaints with adjusted losses of over $1.8 billion. In 2020, the IC3 also received 2,474 complaints identified as ransomware with adjusted losses of over $29.1 million.
“With the threat malicious domains pose and the methods threat actors use that make traditional tracking inefficient, DomainTools Iris Detect leads the way with impressively fast detection paired with features that separate precious signal from what would seem like noise using other vendor solutions,” said Sasha Angus, co-founder of threat intelligence firm Scylla.
“Iris Detect represents the state of the art for speedy discovery of malicious online infrastructure, and the culmination of multiple technologies developed by DomainTools and Farsight Security over many years,” said Tim Chen, CEO of DomainTools. “We are proud to deliver a product that truly empowers defenders to make the Internet a safer place for their organizations and for the public at large.”
Iris Detect rounds out the DomainTools Iris family, complementing two previously existing products: Iris Enrich is an application programming interface (API) enabling large-scale automated enrichment of threat indicators, and Iris Investigate is an interactive web-delivered platform and API for deeper analysis of online infrastructure.