WhoisXML API has launched the First Watch Malicious Domains Data Feed, which uses advanced deep learning technology to provide daily predictive threat intelligence, detecting malicious domains with high precision. This tool enhances the proactive capabilities of security operations centers and managed security service providers.
Affected: WhoisXML API, Security Operations Centers (SOCs), Managed Security Service Providers (MSSPs)
Keypoints:
- Launch of First Watch Malicious Domains Data Feed by WhoisXML API.
- Utilizes a deep learning neural network trained on billions of data points.
- Achieves 97% precision in detecting malicious domains within an hour of registration.
- Offers 12 times more coverage than other leading data feeds.
- Helps shift security strategies from reactive to proactive.
- Minimizes the risk of overblocking, limiting false positives.
- Streamlines development for security vendors and MSSPs, reducing R&D efforts.
- Supports the vision of a safer and more transparent Internet.
MITRE Techniques:
- TA0001 – Initial Access: Detects malicious domains before they can be weaponized.
- TA0040 – Impact: Minimizes the risk of overblocking critical services.
Indicators of Compromise:
- [domain] whoisxml.api
- [url] firstwatch.maliciousdomains.datafeed
- [others ioc] predictive threat intelligence
- [others ioc] deep learning neural network
- Check the article for all found IoCs.
Full Research: https://circleid.com/posts/whoisxml-api-launches-first-watch-malicious-domains-data-feed-with-97-predictive-precision