WebsiteTest Drive

WHOIS

WHOIS is a tooling integration. Tooling Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.

Dropzone AI platform supports WHOIS, which queries domain registrations information. Useful information that may be cleaned via WHOIS includes:

Type
Purpose

Domain Ownership Information

Retrieve details about the registered owner of a domain

Registration Dates

Access creation dates, often indicative of 'new' domains, more likely to be used in attacks

Contact Information

Get administrative, technical, and registrant contact details

Enable WHOIS

The WHOIS integration does not require any API keys or credentials.

To enable the Data Source integration, do the following:

  • Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app

  • In the bottom left hand corner, click Settings > Integrations

Integrations Dropdown

  • Click "Provided"

Click Provided

  • In the Search bar, search WHOIS, then click the kebab on the right

Select WHOIS

  • Click "Enable data source" to enable WHOIS

Enable data source

If you have any errors engage your Dropzone AI support representative.

PreviousVisionNextYARAify

Last updated

Was this helpful?