APIs
Integrate DomainTools data with existing tools or products
Bigger Threats Require More Advanced Solutions
For Security Operations Centers (SOCs), Fraud Analysts and Solution Vendors that need to integrate DomainTools data into their existing workflows, we offer comprehensive and scalable APIs. The DomainTools APIs are used by customers and partners to put DomainTools data adjacent to their network through partner pass-through integrations to enable workflows in TIP, Orchestration and SIEM technologies. Additionally, the DomainTools APIs are REST based and come with pre-written Python wrappers making it easy to incorporate into your own internal tools as you see fit.
Integrate with your Own Solutions
Domain-based threat intelligence is a natural complement to many security products.
Augment Existing Data Sets
Integrate into SIEM and detection tools to provide domain profile information in “one pane of glass.”
Automate and Streamline Investigative Processes
Scale your efforts by leveraging DomainTools data directly into your workflows.
Iris Enrich API
Iris Investigate API
Iris Enrich API
- Supports high query volumes of domain name attributes.
- Provides actionable insights-at-scale with enterprise-scale ingestion of DomainTools data to support 3rd party or purpose-built platforms.
- Creates a seamless view of data to provide an easy transition from SIEM alert to human analysis.
Iris Investigate API
- Delivers dozens of domain name attributes on every result including Risk Score, DNS, Whois, SSL, and more.
- Enables easy pivoting through different domain name attributes and exposes meaningful insights with connection counts on most data fields.
- Designed for human-scale interactions and seamless integration with 3rd party or other purpose-built platforms.
API Comparison
| Iris Detect API | Iris Enrich API | Iris Investigate API | |
|---|---|---|---|
| Rate Limit | 1/hour each New & Changed domains | 60/minute | 20/minute |
| API Complexity | Multiple REST endpoints (New, Changed, Domain Triage calls) | Single REST Endpoint | Single REST Endpoint |
| Optimization | Hourly freshness | Fast Response | Data Thoroughness |
| Domain Profiles | Always included | Always included | Always included |
| Pivot Counts | N/A | - | All fields |
| Risk Score | Included, with evidence | Included | Included, with evidence |
| Batch Processing | Up to 100 domains/call | Up to 100 domains/call | Up to 100 domains/call |
| Pivots | N/A | - | One endpoint, most fields |
| Query Allocation | Indpendent service levels | Independent service levels | Shared with Iris web app |
| Packaging | Included with Detect | Sold Separately | Included with Iris |
| Monitoring | N/A | Domains Only | With a query parameter |
Featured Integrations
Featured Integrations
Related APIs Support & Learning
A selection of documents and materials related to DomainTools industry topics.
About DomainTools Iris Investigate
In this video, we demonstrate how our data sets are presented in the Iris platform and some ideas on making d
About DomainTools Iris Investigate
Watch NowDomainTools Iris Enrich
DomainTools Iris Enrich enables workflows with rich context for quick triaging, automated investigations with domain and DNS data, and threat data enrichment to establish rule-driven actions.
DomainTools Iris Enrich
READ MOREDomainTools Iris Integration for TheHive and Cortex
Install the Domaintools Iris Integration for TheHive and Cortex.
DomainTools Iris Integration for TheHive and Cortex
Learn MoreDomainTools App for Cortex XSOAR
The Cortex XSOAR Iris App brings contextual DNS intelligence from DomainTools Iris to Demisto.
DomainTools App for Cortex XSOAR
Learn MoreDomainTools App for IBM Resilient
Efficiently respond to events in real-time when collecting and aggregating domain intelligence and analytics, thus reducing the Mean Time To Respond (MTTR).
DomainTools App for IBM Resilient
Learn MoreDomainTools App for Elastic
The DomainTools App for Elastic is an out-of-the-box solution that provides direct access to DomainTools' industry-leading threat intelligence data within Elastic.
DomainTools App for Elastic
Learn MoreRelated Products
DomainTools security products can help you find out if a domain name is risky, who's behind it, and what other cyber-assets are associated with it.
