With the influx in events per second rising, organizations need the ability to execute high query volumes with increased response times. The DomainTools App for Splunk allows customers to rapidly enrich domains with domain risk score, proximity, threat profile, Whois, IP, active DNS, website & SSL data to surface evidence of malicious activity.
If you are a current DomainTools customer, please contact your Account Manager before downloading the Splunk Technology Add-on. We want to ensure that you have the proper inputs to make the application work to your advantage.
Raise alerts with batch processing and access Domain Risk Score, Proximity and Threat Profile classifiers.
Learn how to leverage the capabilities of the rich Iris data set with Splunk and Phantom to provide better visibility and context into their network traffic, gain event enrichment-at-scale, and garner proactive risk scoring with selective targeting.
Splunk turns machine data into answers. Regardless of your organization’s size and industry, Splunk can give you the answers you need to solve your toughest IT, security and business challenges—with the option to deploy on-premises, in the cloud or via a hybrid approach.