1 DomainTools Enterprise Services Delivering Domain Intelligence to Support Strategic Decisions DOMAINTOOLS SOLUTION BRIEF
2 INTRODUCTION: THE POWER OF BIG DATA Business decision makers have become increasingly reliant on multiple sources of empirical data to make critical business decisions. Whether a manager of a large ad network using data to track down policy violators, a trademark attorney researching brand infringement or a network security analyst investigating a recent attack, access to the best information is critical to getting the job done right. So, it s little wonder that more companies across a range of industries are now looking at domain and DNS data as key sources in their research and investigation. Like how every financial transaction leaves a paper trail, every action on the Internet leaves a trail of interconnected information in domains, Whois records, IP addresses, hosting history, Name servers and other DNS data. Today s leading companies are using this intelligence to their advantage in fighting cybercrimes, protecting their brand, investigating security attacks and improving their online business. This solution brief will outline the various use cases for domain data, how high throughput access to domain data can reveal newfound business intelligence, and will showcase how Enterprise Solutions from DomainTools can deliver proactive information to make more informed business decisions.
3 STRATEGIC DOMAIN DATA USE CASES: It wasn t long ago that Whois records were used simply to identify the owner of a domain name or IP address and IP addresses were just an address for internet resources. However, as the Internet has matured to become a primary channel for communicating and doing business, CIOs and CSOs must likewise evolve and incorporate DNS data into their strategic arsenal. Activity manifested over the Internet can be the source of enormous value creation, or the source of significant value destruction by criminals. By having high- volume access to parsed, indexed Whois and DNS data, executives from a variety of corporate functions can leverage domain data to better support strategic decision- making and protect the value creating assets. Some of the most common use cases include: 1 AD, SOCIAL or BUSINESS NETWORK POLICING Businesses that have their own user networks such as social networks, ad networks, or ecommerce, must continually police their networks to ensure users are complying with policy. Fraudulent ads or accounts can cost millions of dollars in lost ad revenue and destroy user trust. Unfortunately, closing one bad account at a time is not an effective solution. Leveraging domain and DNS data with internal account data to find and identify whole networks of fraudulent activity can significantly reduce violations. 2 NETWORK SECURITY Network security breaches and Advanced Persistent Threats (APTs) continue to wreak havoc on enterprise organiations that must divert valuable IT resources to address persistent security concerns. As any security expert will attest, no one solution can do it all. Thus, it s critical to have access to the best data and resources to proactively combat online security threats. DNS intelligence and Whois data enables security practitioners to quickly associate domain names and IP addresses to the people and organiations behind them and then map the entire resource infrastructure of those organiations. 3 BRAND MONITORING Online brand abuse and the illegal sale of counterfeit goods cost companies hundreds of billions of dollars in losses every year. Through the intelligent application of DNS data, brand managers can better identify criminals who are damaging their brand equity and take the right steps to automate the monitoring of their brand assets to proactively protect them. This is not just monitoring one files for the registration of new cybersquatted domain names worldwide, but also the mapping of other assets owned by the same perpetrators. 4 COMPETITIVE RESEARCH Proactively monitoring how competitors are using domain names and IP addresses can yield important strategic insights. Look no further than the domain name industry and the advent of generic top- level domains (gtld). For instance, by researching the prevalence of certain domain name strings, registrars can better ascertain where they might be losing market share to competitors (whether in certain TLDs or in specific geographic markets). In a similar manner, hosting providers can monitor growth of competitor nameservers or IP addresses.
4 LIKE THE WHITEPAGES TO THE INTERNET, ONLY BETTER: If you ve been on this earth for more than 30 years, you ll remember the White Pages. It listed all the families in your town, their street address, and their phone number. Now imagine that instead of the phone book, you have a single search box. You could enter your friend s name, and the phone book would return your friend s address and phone number. That s handy when you have one- off requests, but not as useful as having access to the entire directory. A lookup provides a single response. Having the entire book in parsed, electronic, database format, can be intelligently queried to provide a wealth of valuable information. Port that analogy to the Internet, and you have the Whois protocol. There are any number of sites on the Internet where you can look up the ownership record of a domain name or IP addresses. The difference between DomainTools and every other Whois site out there is that DomainTools has the entire phone book. And sometimes, especially in the theatres of cybercrime and espionage, it is extraordinarily valuable to be able to query the entire data set at once, at scale, in real- time. THE DOMAINTOOLS DIFFERENCE Traditional Whois Site Provides only the owner of a single, requested domain name Confirms whether a single domain name is pointed to a given nameserver Confirms if a cybersquatter owns a domain name that contains your brand Confirms whether an IP address has been subdelegated to a given organiation Confirms if a competitive registrar is gaining market share DomainTools Provides a list of ALL the domain names someone owns today as well as ALL of the domain names they have ever owned Provides ALL the domains pointed to that same nameserver resource Provides a comprehensive list of ALL the domains that exist that include your brand Provides a list of ALL of the IP ranges delegated to an organiation Provides deep insight into certain TLDs or countries so specific corrective action can be taken DELIVERING DEEPER INSIGHTS THROUGH BETTER DATA: Building effective research tools begins with having access to the most comprehensive repository of data. DomainTools doesn t simply include current Whois records DomainTools has been aggregating Whois records for more than 10 years. DomainTools doesn t just cover the major gtlds like.com,.net and.org, we possess data on more than 300 cctlds and all new gtlds coming to market in 2014 and beyond. DomainTools doesn t just have domain name Whois data, we also
5 provide access to a complete archive of Nameserver and IP address Whois data, as well as numerous DNS data points that help provide context and insight for investigators. Plain and simple, DomainTools has the best domain, Whois, and DNS data and research tools available. ê Over 7 billion Whois records from over 470 million domains, present and historical ê 250 million current Whois records, nearly 2x the competition ê Over 84 million cctld domains, 10x more than the competition. ê Over 15 billion DNS data points including IP address, name server and registrar change points ê Historical Whois records, Screenshots and Hosting History, dating back over 10 years. ê Over 8 million manually mapped IPV4 IP address range delegations and subdelegations ê The most frequently updated data, making the data more accurate and relevant. ê Ready for the millions of domains that will come from new gtlds in 2014 Breadth of domain and TLD (Top Level Domain) coverage is critical as many fraudulent and suspect characters attempt to shield their true identity in foreign, less strict or little known TLDs. While.COM is by far the most popular and most frequented TLD, there are now more than 350 other TLDs, including over 300 cctlds (country code TLD), on which nefarious Internet activity is often initiated. Gathering, parsing and indexing domain information for all these TLDs can be extremely challenging as each region has its own registry rules and data formats. DomainTools has invested significant engineering effort and capital to build and scale the world s most extensive Whois and DNS data sets. Additionally, the new gtlds being issued by ICANN next year will likely open the floodgates to a new wave of online fraud and cybersquatting. Over 1,800 applications for new gtlds are currently active with ICANN and there is the possibility that ICANN will allow an infinite number of gtlds in the coming years. DomainTools is working closely with ICANN to ensure DNS data continues to remain both public and accessible. Furthermore, DomainTools is working within the ICANN committees to improve data format consistency and set standards for how frequently DNS data is published from the registrars. Tighter controls on providing fraudulent registrant information during the registration process and transparency of registered data will go a long way to fighting online crime. FAST, DEDICATED ACCESS TO THE WORLD S LARGEST REPOSITORY OF HISTORICAL DOMAIN DATA More than two- thirds of the DomainTools workforce is comprised of engineering and IT experts who are dedicated to architecting an enterprise- class system to deliver high- speed query capabilities to enterprise customers. For companies or organiations that require high volume, direct access to DomainTools databases, DomainTools offers a proven RESTful API solution for nearly all of our data and products. Access is private, secure, and extremely fast and reliable. Data can also be returned in multiple formats, including JSON, XML or HTML. A number of customers integrate APIs from DomainTools with internal data and processes in order to connect and correlate activity patterns. For example, a customer who hosts a large ad network
6 merges DomainTools data with internal account data to track patterns of fraudulent advertising in order to eliminate a whole network instead of fighting one fraudulent account at a time. A software provider cross- checks Whois and IP address information with known site locations for violations of software license terms. Other companies have leveraged ecommerce data or other data sets to track fraudulent sales of counterfeit goods. These companies require big data access through DomainTools API s in order to marry data sets and run large queries. They also consequently avoid the whack a mole practice of shutting down one account at a time by connecting the dots across a number of known bad accounts to shut down an entire operation at once, thereby preventing further cost, damage and customer ill- will. CUSTOM SOLUTIONS FOR DEMANDING CUSTOMERS Whether an enterprise customer has a unique problem they are trying to solve or capability they want to put in place, they often have specific requirements in terms of the type of data they need, when they need it and a specified data format. DomainTools custom engineering services helps craft specific solutions to meet our customers needs. DomainTools engineers and solution consultants are industry leading experts in data sets, data architecture and infrastructure and will work in concert with a customer s technical team to implement a solution that meets their exact requirements. With enterprise- grade data comes enterprise class customer support and account service. DomainTools maintains a large and growing engineering team dedicated to improving our data as well as our core technology and products. All customers receive Premium Level account services and support with a direct sales representative and priority support. Flexible billing and payment options as well as custom training engagements are also available for enterprise customers.
7 CONCLUSION: Domain names, IP address, Whois records and related DNS data are all critical ingredients to a successful enterprise- grade competitive research, fraud investigation and brand abuse mitigation strategy. Domain intelligence has become an increasingly important frontline tool to identify and prosecute bad actors that are perpetrating brand abuse and a means by which to proactively protect valuable brand assets. For those companies, government agencies or specialists who can benefit from high- volume, high- reliability access to the world s most comprehensive and accurate domain and IP data, DomainTools enterprise services is standing by to help. ABOUT DOMAINTOOLS: DomainTools offers the most comprehensive searchable database of domain name registration and hosting data geared to monitor, protect and investigate online fraud, cyber crimes and brand fraud. Users of DomainTools.com can review over 470 million historical domain name and Whois records, over 3 billion DNS data points (IP addresses, name servers, mail servers, hosting history), and 6 years of Screenshot history. The Company s comprehensive snapshots of past and present domain name registration, ownership and usage data, in addition to powerful research and monitoring resources, help customers by unlocking everything there is to know about a domain name. Visit the website at http://www.domaintools.com