DomainTools Enrichment App

Last Updated: Nov 20, 2018 04:07PM EST
User
None

Overview

The DomainTools Enrichment app is a contextually aware Spaces app that allows ThreatConnect® users to enrich compatible Indicators (Host, Address, and EmailAddress) with information from DomainTools services.

Steps

  1. On the top navigation bar (Figure 1), place the cursor over BROWSE and then over the INDICATORS option. Click on an object (ADDRESS in this example) to display a results table (Figure 2).
  2. Click on an entry, and the Details flyout for that entry will appear (Figure 3).
  3. Click the Details icon at the top right corner of the flyout, and the Overview tab of the Details screen will appear (Figure 4). Alternatively, hover over the object's entry in the table in Figure 2 and click on the Details icon that appears on the right side of its Summary cell to go straight to the Overview tab of the Details screen.
  4. Click the Spaces tab, and the Spaces screen will appear (Figure 5).
  5. Click the + Add App button, and the Add Address App window will appear (Figure 6).
  6. Select TCS - DomainTools v1.0 from the Select App dropdown menu, and then click the ADD button. The app will now appear in the Space (Figure 7).
  7. Click the pencil icon at the top right, and the Configure App window will appear (Figure 8).
  8. Change the app’s Title if desired, and enter or change the DomainTools API Username, DomainTools API Key, DomainTools API URL, Auto refresh interval, and Logging Level. Click on the $ buttons to view a dropdown list of variables that may be chosen for the corresponding item. When finished, click the SAVE button. The Space will now display DomainTools enrichment data for the given Indicator (Figure 9).
  9. Click on the Network, Contacts, and Routes tabs to view current DomainTools information in those categories. Click on the double-arrow icon to the left of those tabs to view a sidebar (Figure 10). The Services section contains data for DomainTools services applicable to the subscription level for the DomainTools API used. The App History section shows historical data about the Indicator included in the user’s DomainTools subscription. Click on the view… links for more details about each item.
  10. To delete the app, click the trash icon on the top right.

20057-01 EN Rev. E

Contact Us

  • ThreatConnect, Inc.
    3865 Wilson Blvd.
    Suite 550
    Arlington, VA 22203

    Toll Free:   1.800.965.2708
    Local: +1.703.229.4240
    Fax +1.703.229.4489

    Email Us



https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete