Attackers use domains creatively to phish targets or to bypass proxies as they seek to set up a command and control channel.
PatternEx's Active Contextual Modeling (ACM) technology creates AI models on the fly to detect malicious activity across various stages of the Kill Chain. How does it do this? First, ACM extracts a variety of behaviors for entities ranging from domains, users, IP, hosts, et cetera. ACM then creates custom models at each deployment by engaging security analyst to learn good from bad in that environment.
PatternEx aggregates this learning globally to create global predictive models. These models are then locally adapted to a given customers' environment thereby accelerating the virtuous loop of improving AI.
We are opening up access to our domain-based global AI models that we have trained so far. Simply enter a suspicious domain to the AI, click "analyze" and you can see how likely a given domain in your environment is either a phishing domain or is being generated from DGA.
Please contact us if you have questions or would like an API access.
Check your domains here: