DomainTools Invests in Domain & DNS Research with Launch of DomainTools Investigations

Powered by a seasoned team of security analysts and researchers to focus on preventing, mitigating, and investigating attacks.

SEATTLE, Jan. 9, 2025 /PRNewswire/ -- DomainTools, the global leader in domain and DNS-based cyber threat intelligence, today announced the launch of DomainTools Investigations (DTI), a community-based research effort focused on preventing, mitigating, and investigating domain and DNS based attacks.

With the launch of DTI, the cybersecurity community will have access to the insights DomainTools analysts gather on advanced persistent threats (APTs), nation-states, cyber-espionage groups, business email compromise (BEC), and more. In addition to driving the analysis and data behind DomainTools' industry-leading products, DTI security analysts and researchers will produce and publish innovative research on the DTI website and share findings in webinars, industry events, and conferences.

DomainTools has been collecting and analyzing domain and DNS data for more than two decades, uniquely positioning DTI to analyze threat actor behavior and surface newly emerging patterns in threat activity based on the largest historical active and passive DNS database – as it's happening.

The team of analysts and researchers who make up DTI is led by top cyber industry expert, Daniel Schwalbe, who spent the greater part of two decades tracking cybercriminals and nation-state actors in higher education, government, and large enterprises. As head of investigations and CISO at DomainTools, Schwalbe is committed to sharing actionable insights with the community. The diverse DTI team is composed of well-respected industry researchers and analysts with deep knowledge, specializing in reverse-engineering, malware, and global threat actors.

"We have assembled a team of extremely talented experts in threat research as the foundation of DTI. Each member of the team is deeply invested in publishing research for the benefit of the cybersecurity community, which has been a personal mission of mine for more than 20 years. As threat actors constantly evolve in fascinating ways, we're uncovering new and valuable information that can inform attack prevention strategies," said Schwalbe.

DomainTools has captured more than 97% of the Internet, mapping and analyzing billions of domains and DNS infrastructure to provide security teams with advanced domain risk analytics and real-time passive DNS feeds for proactive defensive strategies.

"The industry phrase - 'It's Always DNS' - has never been truer than in 2024. The purpose of DTI in 2025 is to relentlessly analyze tactics, techniques and procedures (TTPs) we're seeing and inform the community of the evolution of these practices," said Brendan O'Connell, chief product officer. "The work being done within DTI is critical within the security industry and provides every organization with the tools they need to protect themselves today."

The launch of DTI comes as threat actors increasingly leverage credential phishing like Charming Kitten, banking trojans like TrickBot, and various other tactics for financial gain. For the latest research from DTI visit dti.domaintools.com.

Interested in staying up to date on the latest threats, trends, and tactics? Follow us on X and Mastodon @domaintools.

About DomainTools
DomainTools is the global leader for Internet intelligence and the first place security practitioners go when they need to know. The world's most advanced security teams use our solutions to identify external risks, investigate threats, and proactively protect their organizations in a constantly evolving threat landscape. For more information, visit http://www.domaintools.com.

Contact:
Michelle Kearney
Hi-Touch PR
443-857-9468
[email protected] 

SOURCE DomainTools