DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure.

Product Categories: Threat Intelligence, Forensics

SANS Analyst Papers

SANS Webcasts

TitleSpeakerPublication Date
The Beginners Guide to Applying Machine Learning to Incident Response

Dave Shackleford

August 15, 2019

Integrated Incident Response: A Panel Discussion about the SANS 2019 IR Survey

John Smith, Corin Imai, Matt Bromiley

August 2, 2019

Integrated Incident Response: A SANS Survey

Matt Bromiley

August 1, 2019

Vetting Your Intel - Techniques and Tools for False Positive Analysis

Robert M. Lee, Tarik Saleh

May 15, 2019

SANS Top New Attacks and Threat Report

John Pescatore

April 19, 2019

SANS Automation & Integration Security Briefing: SOARing to New Heights - Using Orchestration & Automation Tools in the Way They're Intended

Chris Crowley

February 8, 2019

CTI Tools, Usage and a Look Ahead: Part 2 of the 2019 SANS Cyber Threat Intelligence Survey

Rebekah Brown, Jonathan Couch, and Nicholas Hayden

February 7, 2019

CTI Requirements and Inhibitors: Part 1 of the 2019 SANS Cyber Threat Intelligence Survey

Robert M. Lee, Nick Hayes, Helen Johnson and Allan Liska

February 5, 2019

MythBusters: ICS Edition

Alissa Torres and Mike Thompson

December 5, 2018

SANS Cyber Threat Intelligence Briefing 2018: Efficiency and Effectiveness Through Cyber Threat IntelligenceRobert M. Lee, Taylor Wilkes-Pierce and Brandon Levene

November 30, 2018

SANS Security Operations Center Briefing: Knowledge Retention, Staff Training, Automation & Operationalization 2018

Chris Crowley, Karen Buffo and Tim Helming

November 16, 2018

Threat Hunting in Action: SANS 2018 Survey Results, Part II

Rob Lee, Robert M. Lee, Sid Pearl, Benjamin Powell, and Justin Swisher

September 20, 2018

Threat Hunting Is a Process, Not a Thing: SANS 2018 Survey Results, Part I

Chris Carlson, Helen Johnson, Rob Lee, Robert M. Lee, and Dana Torgersen

September 19, 2018

Fingerprinting Threat Actors with Web Assets

Rebekah Brown and Mike Thompson

May 8, 2018

Cyber Threat Intelligence Skills and Usefulness: SANS CTI Survey Results, Part 2

Dave Shackleford, John Hurd and Rebekah Brown

February 7, 2018

Cyber Threat Intelligence Today: SANS CTI Survey Results, Part 1

Dave Shackleford, Itay Kozuch, Travis Farral and Zach Hill

February 6, 2018

SANS Security Operations Center (SOC) Briefing

Chris Crowley, Diana Granger, Tim Helming and Nick Espinoza

November 17, 2017

Clustering, Sourcing, and Correlating All Things Indicators

Rebekah Brown and Kyle Wilhoit

September 28, 2017

Reducing Attacks and Improving Resiliency: The SANS 2017 Threat Hunting Survey Results | Part 2

Robert M. Lee, Toni Gidwani, Mike Scutt and Dana Torgersen

April 27, 2017

Threat Hunting-Modernizing Detection Operations: The SANS 2017 Threat Hunting Survey Results | Part 1Threat Hunting-Modernizing Detection Operations: The SANS 2017 Threat Hunting Survey Results | Part 1

Rob Lee, Travis Farral, Zach Hill and Ely Kahn

April 26, 2017

Cyber Threat Intelligence in Action-Effectiveness of CTI Programs and Wish Lists for the Future: Results of the 2017 Cyber Threat Intelligence Survey Part 2

Dave Shackleford, Rebekah Brown, Travis Farral and Allan Thomson

March 16, 2017

Cyber Threat Intelligence in Action-Skills and Implementations: Results of the 2017 Cyber Threat Intelligence Survey Part 1

Dave Shackleford, Paul Bowen, Robert Simmons and Zach Hill

March 15, 2017