Versions Compared

Old Version 6

changes.mady.by.user Gary Leicht

Saved on

compared with

New Version 7

changes.mady.by.user Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Threat Intel includes the latest analysis, alerts, advisories, and reports from the Infoblox Threat Intel team focusing on threat actors persisting in DNS. Infoblox automatically detects and tracks clusters of newly registered and deployed domains likely controlled by the same threat actor. Connections between these clusters assist in consistently monitoring a threat actor. We use our animal taxonomy to formally name actors when we can oversee their infrastructure and have conducted thorough research. The results include both automatically generated and specifically named actors identified within your network.

...

Under Threat Actors in Your Environment tab is displayed a list of threat actors observed in your environment. Each reported threat actor in your environment includes detailed information about the specific threat actor.

With the release of the “Threat Actors In Your Environment” reports, the Threat Labs reports have been deprecated.

...


This page highlights the threat actors discovered in your network along with other details about the threat actor, including:

  • Description: A concise overview of the threat actor from Infoblox Threat Intel.

  • Total Domain Count: The total number of occurrences of the threat actor on domains identified by Infoblox Threat Intel.

  • Domains in Your Network: The domains in your network your where the threat actor has been identitifed . Click the link to view information about the threat domain on the Infoblox blog.

  • Domains Not in Your Network: The occurrences of the threat actor on domains not within your network as identified by Infoblox Threat Intel.

  • Active Threat Domains Discovered by infoblox: This section highlights the threat actors discovered in your network. This section also displays how early Infoblox discovered a threat actor in your network. Additionally, this section provides the following information:

    • The name of the domain in your network and its associated threat.

    • A dropdown list of domains within your network associated with the threat. Click on a listed threat domain to view detection details on the Infoblox Threat Intel Blog.

    • A schematic diagram depicting the timeline of detection from intial detection to final outcome, showing:

      • When Infoblox first detected the threat domain (far left side of timeline).

      • Date when other vendors discovered the domain.

      • Duration during which Infoblox protected your network from this threat domain.

      • Last seen date for the threat domain based on DNS traffic records.

threat_actor_report.PNGImage Added

Infoblox Threat Intel Blog

...