DomainTools announced the
availability of DomainTools Iris Detect, an innovative new product
designed to discover and monitor domain names spoofing brands, trademarks, or
other domains with unprecedented speed, accuracy, and comprehensiveness.
Building on the world's largest databases of domain registration and Domain
Name System (DNS) data developed by DomainTools and Farsight Security, the discovery engine underpinning Iris
Detect identifies some 350,000 new domains every day-far more than any other
technology available.
Iris Detect works
by comparing global new domain registrations, discovered in near-real time,
against brand terms selected by users. It also gives near-instant risk scoring
of these domains based on proprietary DomainTools
algorithms, and also captures screenshots; these details help the user make
fast decisions about which domains represent the largest threat. Going beyond
many competitive brand protection tools, Iris Detect continues to watch any
domains the user flags as suspicious, to pick up signals of "weaponization"
that could indicate that the domain is about to be used for malicious purposes.
Moreover, Iris Detect also allows the user to escalate dangerous domains for
enforcement actions, including blocking in security controls, or forwarding to
Google Phishing Protection, which blocks dangerous domains in Chrome, Safari,
and Firefox browsers.
Lookalike domains
are implicated in phishing and malware attacks of various kinds, including
ransomware, business email compromise (BEC), and credential harvesting, as well
as counterfeiting and other kinds of brand abuse. The costs associated with
these activities collectively run to the billions of dollars per year. But
historically, it has been difficult for those on the defensive side of the
battle to stay ahead of such abuse.
According to the
FBI's most recent Internet Crime Report, in 2020, the Internet Crime Complaint
Center (IC3) received 19,369 business email compromise (BEC)/email account
compromise (EAC) complaints with adjusted losses of over $1.8 billion. In 2020,
the IC3 also received 2,474 complaints identified as ransomware with adjusted
losses of over $29.1 million.
"With the threat
malicious domains pose and the methods threat actors use that make traditional
tracking inefficient, DomainTools Iris Detect leads
the way with impressively fast detection paired with features that separate
precious signal from what would seem like noise using other vendor solutions,"
said Sasha Angus, co-founder of threat intelligence firm Scylla.
"Iris Detect
represents the state of the art for speedy discovery of malicious online
infrastructure, and the culmination of multiple technologies developed by DomainTools and Farsight Security
over many years," said Tim Chen, CEO of DomainTools.
"We are proud to deliver a product that truly empowers defenders to make the
Internet a safer place for their organizations and for the public at large."
Iris Detect
rounds out the DomainTools Iris family, complementing
two previously existing products: Iris Enrich is an application programming
interface (API) enabling large-scale automated enrichment of threat indicators,
and Iris Investigate is an interactive
web-delivered platform and API for deeper analysis of online infrastructure.