DomainTools
Connector Category: Enrichment Tools
About Integration
CTIX integrates with DomainTools to enable security analysts to add contextual information to the threat data and convert it to threat intelligence. This integration allows analysts to identify and understand patterns, prioritize potential threats, and respond effectively.
Use Cases
Enables security analysts to contextualize, correlate, prioritize, and mitigate threats.
Converts raw threat data into actionable threat intelligence to perform threat hunting, incident response, and higher detection rates.
Identify and understand threat patterns, prioritize them, and take timely decisions to control potential exploitation.
Benefits
Saves time and effort spent by analysts in identifying potential threats by automatically correlating the information with data sets.
Important
The DomainTools enrichment tool will be available only on explicit requests made to the Cyware Support team. To utilize the functionalities of DomainTools, contact Cyware Support.
Configure DomainTools as an Enrichment Tool
Configure DomainTools in CTIX to enrich domain.
Before you Start
You must have the username and API key of your DomainTools account.
Your user group must have Create enrichment tools and policies, View enrichment tools and policies, and Update enrichment tools and policies permissions.
Steps
Sign in to CTIX.
Navigate to Enrichment Management and select Enrichment Tools.
Search for DomainTools and click on the app.
Enter a unique account name to identify the instance. For example, DomainTools-Prod.
Enter the base URL to directly connect to the application's server. For example,
https://sitename.com/directoryname/.Enter the username and API key as shared by DomainTools. These credentials will authenticate the connection between the applications.
Select Verify SSL to verify and secure the connection between the CTIX and DomainTools servers.
If you disable this option, CTIX may configure an instance for an expired SSL certificate. This may not establish the connection properly and CTIX will not be able to notify you in case of a broken or improper connection. It is recommended to select this option.
Click Save.
You can add multiple instances of this integration by clicking Manage > Add More on the Manage Instance screen.
To understand the number of API calls and quota units consumed by the DomainTools enrichment tool, refer to the following table:
Enrichment Tool | Feed Enrichment Type | Number of API Calls | Quota Consumed |
|---|---|---|---|
DomainTools | Domain | 1 | 1 |
To successfully configure the integration between CTIX and DomainTools, follow the steps mentioned in Enrichment Management.