Versions Compared

Old Version 13

changes.mady.by.user Gary Leicht

Saved on

compared with

New Version 14

changes.mady.by.user Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Dossier Summary report provides a comprehensive overview of threat indicator information, including DNS records, domain/subdomain count, URL count, and IP count.

  • The Summary report displays a representative screenshot of queried domains.
  • Infoblox Intelligence section includes Web Category, TLD Score, and Nameserver Reputation.
  • The report also contains features like Categorizations and Lookalike Detection.
  • It provides links to generated summary detail reports resulting from conducting a Dossier search.
  • Sensitive content is blurred with categories such as Terrorism and Pornography.

Reported Threat Classes and Properties

For information on the threat classes and properties reported, see the Infoblox Threat Classification Guide located at Cloud Services Platform > Research > Resources Classification Guide. To view the full guide without logging into the Cloud Services Portal, see Infoblox Threat Classification Guide

Image: An example Dossier Summary Report page. 

...

  • Web Category: The web category the indicator is a member.
  • Info: Information about the threat indicator. 
  • TLD Score: The risk score for the TLD calculated from the TLD's confidence, rarity, and popularity scores.  
  • Nameserver Reputation: Displays information on the domains associated with the nameserver, along with information on the nameserver's confidence, rarity, and popularity. The reputation of the nameserver is established based on the nameserver's confidence, rarity, and popularity scores. 
  • DNS Ranking: The DNS ranking as determined by Infoblox. Information on its query rank is also provided.
  • Threat Property: The threat property associated with the indicator. Information on its query rank is also provided.
  • Industry DNS Rank: A consensus rank determined by the aggragate of rankings provided by industry sources. Information on its query rank is also provided.

Dossier Search:  Copy or paste your indicator search parameters into the search field followed by clicking Search to initiate an indicator search. The Dossier search feature accomodates searches for domains, IP addresses, hostnames, URLs, email, or hash value.

call-out D

Task Navigation Menu: Click on one of the icons to perform a task.


Image: The task navigation menu. 

...

When available, the top navigation bar also displays a clickable link where you can find additional information on the indicator.  

call-out EImage Modified

Dossier Search:  Copy or paste your indicator search parameters into the search field followed by clicking Search to initiate an indicator search. The Dossier search feature accomodates searches for domains, IP addresses, hostnames, URLs, email, or hash value. 

call-out F

Resources: Click Resources and select an option from the drop-down menu to view a Dossier resource.

...