Proactive Network Monitoring with DomainTools and CrowdStrike Falcon
Learn how DomainTools drives rapid risk identification within the CrowdStrike Falcon platform
Current network visibility and breach detection technologies can provide a wealth of information about suspicious or malicious activities within an organization and can identify the domains or IP addresses associated with attacks or data exfiltration. But, because threat actors rapidly “burn” infrastructure, a reactive approach leaves your organization open to new attacks. Analysts need a way to rapidly assess the risk of new infrastructure as it surfaces. DomainTools integration with CrowdStrike empowers joint customers to profile adversaries and their infrastructure as they are detected within current Falcon workflows, providing predictive context and reducing swivel-chair activities for faster triaging and response.
Learn how to leverage DomainTools Risk Score and DNS intelligence data with the Falcon platform to accelerate IOC assessment and expedite containment and remediation actions without losing context—empowering analysts to make immediate decisions on domain indicators and drastically reduce the response time on domain-related threats.
In this webinar, you will learn how to:
- Contextualize and profile domains inside the Falcon platform with actionable Risk Scores and Threat Profile intelligence to domain indicators
- Extend your investigations from Falcon without losing context via direct integration into DomainTools Iris
- Meet the CrowdStrike 1-10-60 rule by streamlining incident investigation and accelerating alert triage and response, based on domain-related threats
- Josh Rice, Senior Integrations Solutions Engineer at DomainTools
- Christian Rencken, Strategic Threat Advisor at CrowdStrike
For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.Visit the Tech Center