Tired of spending long hours on the Internet trying to get more information on malicious domains or IPs? Ever wished you could get a view into an attacker’s infrastructure before they strike?
Infoblox Dossier™ is a threat research tool that gives security analysts, researchers and SOC team members intelligence on threat indicators (IPs, hostnames, URLs)with contextual information automatically sourced from a dozen sources (including Infoblox’s own threat intelligence platform) simultaneously, empowering them to make accurate decisions more quickly and with greater confidence. It correlates multiple datasets including open source, proprietary and premium commercial sources, allows users to pivot on different data points during threat investigation and helps prevent future attacks by identifying related domains and IPs.
Some of the benefits of Dossier include:
- A clean and modern design that helps analysts look at huge amounts of information about a threat centrally in one place
- Better contextual information to easily identify top threats more intuitively with a timeline showing the journey of a queried domain, and related domains and sub domains
- Aligned with workflows of analysts when they conduct a forensic research on a threat
You can now easily try out this powerful threat investigation tool using a limited version called Dossier Express.
Type in an indicator (up to 5 queries allowed per day) and get rich contextual information about that indicator in a consolidated fashion for investigation purposes. If you like what you see, provide your contact information and get a full detailed report.
Here’s a quick video on how to use the tool:
Dossier is part of Infoblox ActiveTrust® suite, integrated, cloud managed, hybrid DNS security solution that protects users and data anywhere: on-premises, roaming or in remote offices. The solution blocks DNS based data exfiltration, stops malware communications with command-and-control servers, prevents access to content not in compliance with policy, and automatically shares intelligence, IOCs and rich network context with your existing security infrastructure for orchestration and faster incident response. This fully integrated DNS based security architecture leverages the scalability and pervasiveness of DNS to provide comprehensive protection, leveraging customer’s existing infrastructure investment and Infoblox’s next generation SaaS platform.
Try ActiveTrust (on-premises) or ActiveTrust Cloud free for 30 days to see how you can leverage this powerful security solution.