Overview

DomainTools turns domain and DNS data into threat intelligence that helps security teams detect, investigate, and prevent cyberattacks. By mapping the connections between domains, IPs, and digital infrastructure, DomainTools reveals the full story behind suspicious activity—before damage is done. Trusted by global enterprises and government agencies, DomainTools empowers analysts with the context and insights needed to respond faster, hunt smarter, and stay ahead of adversaries in an ever-evolving threat landscape.

1. Iris Detect - Discover and monitor lookalike domains with unmatched speed and coverage. Threat Actors Move Fast. Detect Helps You Move Faster. Iris Detect is an Internet infrastructure detection, monitoring, and enforcement tool (UI and API) built on the industry’s fastest and broadest domain discovery engine and the largest databases of domain data. Capturing key data on new domains and risk-scoring them within minutes of discovery, Detect is a game-changer for brand managers, digital risk and fraud prevention teams, and network defenders.
2. Iris Enrich - Robust API including Whois, DNS, SSL certificate, and risk scoring elements to enrich indicators at scale. Enrich on-network indicators at-scale. The DomainTools Iris data set helps analysts, detection engineering teams, threat hunters, and other practitioners obtain critical situational awareness on domains or IP addresses observed in the protected environment. Whois, DNS, SSL certificate, and risk scoring elements help build out the needed context for the appropriate disposition of indicators. Iris Enrich APIs are REST-based and OpenAPI compatible, making it easy to incorporate into your own internal tools.
3. Iris Investigate -  Map connected infrastructure to get ahead of threats - Track the wolf;Find the pack. Iris Investigate combines enterprise-grade domain intelligence and risk scoring with industry-leading passive DNS data. An intuitive web interface and corresponding APIs query these data sources to help security teams quickly and efficiently investigate potential cybercrime and cyberespionage.