The Forrester Wave™: Digital Risk Monitoring, Q3 2016 named RiskIQ a leader in Digital Risk Monitoring, and gave RiskIQ top ranking for Current Offering & Data Coverage.
Download the Report
Get vast internet data sets and advanced analytics to hunt digital threats and defend your company’s digital footprint.
Get RiskIQ Community Edition
Get the Analyst Report
Putting Digital Threat Investigation and Response into Hyperdrive
Join the SANS webcast on June 29 at 3:30 p.m. ET/12:30 p.m. PT.
Save Your Seat
Security Intelligence Services
Use registration-based correlation to expand your knowledge of the adversary
Give It a Test Drive
Thousands of times a day, domains are bought and transferred between individuals, and domain registrants must provide information about themselves when registering one. This information gets stored in a WHOIS record associated with the domain.
WHOIS is a protocol that lets anyone query for ownership information about a domain, IP address, or subnet. RiskIQ has a vast repository of WHOIS data, which is available to query for registrant information.
Attackers need to establish infrastructure to conduct their attack from and communicate with their malware. Often times attacks register multiple domains at the beginning of an attack campaign for use during all phases of their operations.
WHOIS data can provide an organization with insight into who is behind an attack campaign. Using domain registration information, an organization can unmask an attacker’s infrastructure by linking a suspicious domain to other domains registered using the same or similar information.
Interested in enhancing and enriching your organization’s security operations and incident response activity even further? Then check out:
RiskIQ’s PassiveTotal API