Overview
Read about the basics of Domain Intel
Quick View
| What it does | Retrieves intelligence data for submitted domains |
| Supported Languages | |
| Capabilities |
|
| Supported Providers |
About Domain Intel service
The Domain Intel service allows you to retrieve intelligence about known domain names. Through a combination of providers, you gain access to the disposition of over 390 million domain addresses.
Benefits of using Domain Intel service
Pangea serves intelligence data from third-party providers, normalizing responses, to help you quickly identify malicious domains. All of this happens through a unified API and SDK - with no contracts or direct integrations to the provider required.
For example, if you set DomainTools as the provider, you’ll receive a standard score that can be easily interpreted
in the API response. Armed with this information, you might choose to immediately block or investigate a domain
in your environment.
Use Cases
The Domain Intel API can be embedded directly into your application to determine if a domain is known to be malicious. Common use cases include:
- Detecting malicious domains in forum posts, blogs, chat sessions, social applications, or any other type of user generated content.
- Blocking a user signing up for your app with an email that has a malicious domain in it.
- Checking domain names extracted from files stored in the Pangea Secure Object Store.
- Checking domain names extracted from suspicious files that have been either statically or dynamically analyzed (i.e. sandbox detonation or runtime behavior analysis).
- Checking the address of incoming emails to detect and block Business Email Compromise, Phishing, and SPAM email campaigns. This may
include one or more of the following, for example:
- The From Address (e.g. info@pangea.cloud)
- The Return-Path Domain (e.g. bounces@pangea.cloud)
- The DKIM Signing Domain
- Any other links, headers, content, and brand assets included in the message
Was this article helpful?