Learn how the enhanced DomainTools App for Splunk can help you pinpoint potentially dangerous connections quickly and efficiently by simplifying your triage process and expediting your workflow. [...] Continue reading →

Catch up on your industry reading with a curated list of the most popular blogs of Q3 2021. This installment includes a ransomware defenders guide, valuable data set cheat sheet, original research, and helpful OSINT tools. [...] Continue reading →

Although ransomware holds a significant mindshare in security, phishing continues to be an effective and efficient tool for threat actors. In this blog, Tim Helming walks through various anti-phishing tools and methods available to defenders. [...] Continue reading →

Although ransomware holds a significant mindshare in security, phishing continues to be an effective and efficient tool for threat actors. In this blog, Tim Helming cautions not to dismiss BEC just because it’s not grabbing headlines. [...] Continue reading →

Among the kinds of attention natural disasters attract, sketchy or outright scammy domains are among the less savory. We explored the DomainTools database in the aftermath of Hurricane Ida and found many domains with high risk profiles. [...] Continue reading →

Understand how to develop threat intel requirements for the most relevant dataset—a sweet spot where your internally generated threat intelligence builds on your own network traffic—known as DNS-related network observables. [...] Continue reading →

Learn how to take advantage of one-off, bite-sized intelligence to help your organization’s defensive posture and inform future investigations. [...] Continue reading →