API Integration
Integrate DomainTools data with existing tools or products for a seamless solution
Bigger Threats Require More Advanced Solutions
For Security Operations Centers (SOCs), Fraud Analysts and Solution Vendors that need to integrate DomainTools data into their existing workflows, we offer comprehensive and scalable APIs. Our APIs are used by customers and partners to put DomainTools data adjacent to their network through partner pass-through integrations to enable workflows in TIP, Orchestration and SIEM technologies. Additionally, our APIs are REST based and come with pre-written python wrappers making it easy to incorporate into your own internal tools as you see fit.
Key Features
-
Integrate with your own solutions
Domain-based threat intelligence is a natural complement to many security products.
-
Augment existing data sets
Integrate into SIEM and detection tools to provide domain profile information in “one pane of glass.”
-
Automate and streamline investigative processes
Scale your efforts by leveraging DomainTools data directly into your workflows.
Iris Enrich API
Iris Investigate API
- Delivers dozens of domain name attributes on every result including Risk Score, DNS, Whois, SSL, and more
- Enables easy pivoting through different domain name attributes and exposes meaningful insights with connection counts on most data fields
- Designed for human-scale interactions and seamless integration with 3rd party or other purpose-built platforms
Iris Enrich API
- Supports high query volumes of domain name attributes
- Provides actionable insights-at-scale with enterprise-scale ingestion of DomainTools data to support 3rd party or purpose-built platforms
- Creates a seamless view of data to provide an easy transition from SIEM alert to human analysis
API Comparison
| Iris Investigate API | Iris Enrich API | |
|---|---|---|
| Rate Limit | 10/minute | 60/minute |
| API Complexity | Single REST Endpoint | Single REST Endpoint |
| Optimization | Data Thoroughness | Fast Response |
| Domain Profiles | Always included | Always included |
| Pivot Counts | All fields | - |
| Risk Score | Included, with evidence | Included |
| Batch Processing | Up to 100 domains/call | Up to 100 domains/call |
| Pivots | One endpoint, most fields | - |
| Query Allocation | Shared with Iris web app | Independent service levels |
| Packaging | Included with Iris | Sold Separately |
| Monitoring | With a query parameter | Domains Only |
Support & Learning
A selection of documents and materials related to DomainTools industry topics.
API Documentation
Technical product documentation for an in-depth view of features and functionality.
Related Products
Our security products can help you find out if a domain name is risky, who's behind it, and what other cyber-assets are associated with it.
Monitoring Products
Track many different kinds of information and receive alerts as soon as changes are detected.