{"id":992,"date":"2018-06-04T15:49:28","date_gmt":"2018-06-04T15:49:28","guid":{"rendered":"https:\/\/live-infoblox-blog.pantheonsite.io\/?p=992"},"modified":"2020-05-06T10:27:05","modified_gmt":"2020-05-06T17:27:05","slug":"faster-threat-hunting-with-new-and-improved-dossier","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/","title":{"rendered":"Faster Threat Hunting with New and Improved Dossier"},"content":{"rendered":"<p>Dossier is a threat indicator research tool that provides additional information on URLs, domains, and IP addresses by automatically aggregating contextual information from dozens of sources. It empowers threat analysts to obtain a complete view of the relationships and evolution of domains, IPs, and file hashes. Dossier\u2019s rich threat intelligence adds the security context needed to uncover and predict threats and empowers the analysts to make accurate decisions quickly and with greater confidence.<\/p>\n<p>While it is a compelling and comprehensive threat investigation platform, overtime\u00a0we observed typical user behavior and identified the need to further\u00a0refine the user interface to better align with their day-to-day workflows.<\/p>\n<p>The new and improved user interface of Dossier now includes the following:<\/p>\n<ul>\n<li><strong>Cleaner look:\u00a0<\/strong>The new Dossier offers a clean and modern design by using newer user interface design patterns which can help the analyst to take a look at huge amounts of information about a threat. For example, the visual interaction of the active indicators is such that it gives a broader view of the different data types.<\/li>\n<li><strong>Improved findability<\/strong>: We have also adopted a user-centric approach for enabling the threat analysts to find information and facilitating their decision-making process of taking action about the threat. The related information is better collated and presented in a format that is more rich and holistic to the threat analysts for better investigation. For instance, the timeline has been developed using information from various feeds that Infoblox has access to. If SURBL at some point classified a domain name as a threat, other feeds can classify that domain as malicious at a later time and give an indication of a potential threat to the threat analyst.<\/li>\n<li><strong>Focus on providing better contextual information:<\/strong>\u00a0We have also focused on giving richer context where threat analysts can easily identify and recognize threats more intuitively. This means that the information is organized in such a fashion that it follows the natural progression of thinking within threat analysts when they conduct a forensic research of a threat. For instance, the WhoIs information is now on the top of the page rather than on the bottom because that is the first thing a threat analyst would check in their workflow.<\/li>\n<\/ul>\n<p>The above enhancements make it more intuitive to consume large amounts of threat data and context in making informed decisions.<\/p>\n<p>Here are examples of some important changes made as part of the redesign:<\/p>\n<h2 id=\"toc-hId--1333251560\">Summary View of Indicator<\/h2>\n<p>Dossier now has a new section containing a brief overview of the queried domain which\u00a0provides the threat analyst an ability of prequalifying and prioritizing it for further investigation. It provides consolidated information on various facets of the threat. It includes the subscribed data provider reported on the indicator and when the indicator was &#8216;first reported on&#8217; and by which subscribed data provider. It also provides information about when the indicator was &#8216;last reported on&#8217; and by which subscribed data provider, whether the indicator is currently active or not, and a \u2018Record Contains\u2019 summary of what content is made available for that indicator further down on the details page.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-996\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-overview-section.png\" alt=\"Dossier Overview Section\" width=\"600\" height=\"226\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-overview-section.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-overview-section-300x113.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<h2 id=\"toc-hId--445747879\">Active Indicators by Data Type<\/h2>\n<p>Dossier now has a graph that plots the number of active IPs, hostnames, and URLs during the last 30 days.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-993\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-active-indicators.png\" alt=\"Dossier - Active Indicators\" width=\"600\" height=\"451\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-active-indicators.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-active-indicators-300x226.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<h2 id=\"toc-hId-1329259483\">Active Indicators by Threat Class and Property<\/h2>\n<p>Dosser now lists the number of currently active threat classes and properties.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1003\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-threat-class-property.png\" alt=\"Dossier - Active Indicators by Threat Class and Property\" width=\"483\" height=\"600\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-threat-class-property.png 483w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-threat-class-property-242x300.png 242w\" sizes=\"auto, (max-width: 483px) 100vw, 483px\" \/><\/p>\n<h2 id=\"toc-hId--2078204132\">Timeline<\/h2>\n<p>The timeline, another new addition to Dossier, lets you get a sneak peek to the journey of the queried domain. The timeline offers the historical journey of the indicator\u2019s track record and lets the threat analyst view the details organized in a chronological fashion. The details include\u00a0when the domain was registered \/ updated \/ expired, what IP and when the domain last resolved to for hosting history, when the indicator was first and last reported on, by which data provider, and how was it classified.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1004\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-timeline.png\" alt=\"Dossier - Timeline\" width=\"600\" height=\"212\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-timeline.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-timeline-300x106.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<h2 id=\"toc-hId--1190700451\">Related Domains and Sub Domains with URLs and IPs<\/h2>\n<p>Dossier now shows report from various sources about the malicious activity on related domains and subdomains. This works for both URLs and IPs and provides an aggregated view on domains\/subdomains and URLs and IPs related to the indicator across multiple sources of data. This includes data found within the ActiveTrust subscription, partner data if subscribed to, PDNS, and from our Malware Analysis sources. Before, the user had to look across the various sources to piece together this information. This fragmentation often lead to this information to be disjointed and difficult to aggregate.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-999\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-related-domain-subdomains.png\" alt=\"Dossier - Related Domains\/Subdomains\" width=\"597\" height=\"94\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-related-domain-subdomains.png 597w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-related-domain-subdomains-300x47.png 300w\" sizes=\"auto, (max-width: 597px) 100vw, 597px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1001\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-related-urls.png\" alt=\"Dossier - Related URLs\" width=\"600\" height=\"212\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-related-urls.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-related-urls-300x106.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1000\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-related-ips.png\" alt=\"Dossier - Related IPs\" width=\"599\" height=\"216\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-related-ips.png 599w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-related-ips-300x108.png 300w\" sizes=\"auto, (max-width: 599px) 100vw, 599px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-994\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-domain-info.png\" alt=\"Dossier - Domain Info\" width=\"600\" height=\"120\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-domain-info.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-domain-info-300x60.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<h2 id=\"toc-hId--303196770\">Related Contacts and File Samples<\/h2>\n<p>Dossier now makes it easy to access the contact information of the registrants of the queried domain. The downloading of the file samples from various samples will also enable the threat analyst to make quick decisions that are more accurate.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-998\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-related-contacts.png\" alt=\"Dossier - Related Contacts\" width=\"600\" height=\"80\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-related-contacts.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-related-contacts-300x40.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-995\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-file-samples.png\" alt=\"Dossier - File Samples\" width=\"600\" height=\"115\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-file-samples.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-file-samples-300x58.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<h2 id=\"toc-hId-584306911\">WHOIS Information<\/h2>\n<p>Dossier includes WHOIS information which combined with other data and historical patterns can be utilized to provide useful signals about domains shortly after their registration. It\u00a0contains information such as the name and contact information of the Registrant (who owns the domain), the name of the registrar (the organization that registered the domain name), the registration dates, the most recent update, and the expiration date.<\/p>\n<p>While investigating the threat actors, the threat analyst had to look all the way at the bottom of the page in our older user interface. However now to mimic the real-world workflow of our threat analysts, the WhoIs data is located on the top of the page so that the threat analyst can now easily take a look at the WhoIs information to understand infrastructure and threat actors at the first go.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-997\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-raw-whols.png\" alt=\"Dossier - Raw Whols\" width=\"600\" height=\"141\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-raw-whols.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-raw-whols-300x71.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<h2 id=\"toc-hId-1471810592\">Search Trail<\/h2>\n<p>Dossier now shows the trail of all the search queries made in a session. You can pivot on any search query in the trail and figure out the relationship between different domains. For instance, in the example below, the threat analyst started with an initial URL and pivoted on various IP address and domains and subdomains while conducting the investigation. The threat analyst can at any time click on any of the chips to go to any of the queries that they had made in the course of the investigation.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1002\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dossier-search-trail.png\" alt=\"Dossier - Search Trail\" width=\"600\" height=\"75\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-search-trail.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dossier-search-trail-300x38.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<h2 id=\"toc-hId--1935653023\">Conclusion<\/h2>\n<p>New Dossier UI provides cleaner design, more context for threat identification and closer alignment with real-world workflows for threat hunting.\u00a0\u00a0It now provides more context to identify dangerous threats requiring immediate action, and makes it easier to mine data resulting in faster cyber threat investigation.<\/p>\n<p><strong>To see the the New Dossier in action , check out the the link:\u00a0<a href=\"https:\/\/www.youtube.com\/watch?v=QsjZ88X7WGU&amp;feature=youtu.be\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">https:\/\/www.youtube.com\/watch?v=QsjZ88X7WGU&amp;feature=youtu.be<\/a><\/strong><\/p>\n<p><strong>Even better, Evaluate ActiveTrust\u00ae free for 30 days by clicking the link below:\u00a0<a href=\"http:\/\/info.infoblox.com\/resources-evaluations-activetrust-bundles?utm_source=blox-community&amp;utm_campaign=community-q2\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">http:\/\/info.infoblox.com\/resources-evaluations-activetrust-bundles<\/a>.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Dossier is a threat indicator research tool that provides additional information on URLs, domains, and IP addresses by automatically aggregating contextual information from dozens of sources. It empowers threat analysts to obtain a complete view of the relationships and evolution of domains, IPs, and file hashes. Dossier\u2019s rich threat intelligence adds the security context needed [&hellip;]<\/p>\n","protected":false},"author":202,"featured_media":894,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[3],"tags":[16,15],"class_list":{"0":"post-992","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-community","8":"tag-infoblox","9":"tag-security","10":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Faster Threat Hunting with New and Improved Dossier<\/title>\n<meta name=\"description\" content=\"Dossier is a threat indicator research tool that provides additional information on URLs, domains, and IP addresses by automatically aggregating contextual information from dozens of sources.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Faster Threat Hunting with New and Improved Dossier\" \/>\n<meta property=\"og:description\" content=\"Dossier is a threat indicator research tool that provides additional information on URLs, domains, and IP addresses by automatically aggregating contextual information from dozens of sources.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-04T15:49:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-06T17:27:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/threatindexblog.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Harshamal Hotra\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Harshamal Hotra\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/\"},\"author\":{\"name\":\"Harshamal Hotra\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/6517e8f671a8adfaac08bb13d4f6ab12\"},\"headline\":\"Faster Threat Hunting with New and Improved Dossier\",\"datePublished\":\"2018-06-04T15:49:28+00:00\",\"dateModified\":\"2020-05-06T17:27:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/\"},\"wordCount\":1119,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/threatindexblog.jpg\",\"keywords\":[\"Infoblox\",\"Security\"],\"articleSection\":[\"Community\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/\",\"name\":\"Faster Threat Hunting with New and Improved Dossier\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/threatindexblog.jpg\",\"datePublished\":\"2018-06-04T15:49:28+00:00\",\"dateModified\":\"2020-05-06T17:27:05+00:00\",\"description\":\"Dossier is a threat indicator research tool that provides additional information on URLs, domains, and IP addresses by automatically aggregating contextual information from dozens of sources.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/threatindexblog.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/threatindexblog.jpg\",\"width\":660,\"height\":454,\"caption\":\"IPv6 and Internet Privacy\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/faster-threat-hunting-with-new-and-improved-dossier\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Community\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/community\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Faster Threat Hunting with New and Improved Dossier\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/6517e8f671a8adfaac08bb13d4f6ab12\",\"name\":\"Harshamal Hotra\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e57a35c0c721bf81f63bab8e4a6927d563e9bf2f367c3724aaa1db95a0779be2?s=96&d=blank&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e57a35c0c721bf81f63bab8e4a6927d563e9bf2f367c3724aaa1db95a0779be2?s=96&d=blank&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e57a35c0c721bf81f63bab8e4a6927d563e9bf2f367c3724aaa1db95a0779be2?s=96&d=blank&r=g\",\"caption\":\"Harshamal Hotra\"},\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/harshamal-hotra\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Faster Threat Hunting with New and Improved Dossier","description":"Dossier is a threat indicator research tool that provides additional information on URLs, domains, and IP addresses by automatically aggregating contextual information from dozens of sources.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/","og_locale":"en_US","og_type":"article","og_title":"Faster Threat Hunting with New and Improved Dossier","og_description":"Dossier is a threat indicator research tool that provides additional information on URLs, domains, and IP addresses by automatically aggregating contextual information from dozens of sources.","og_url":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/","og_site_name":"Infoblox Blog","article_published_time":"2018-06-04T15:49:28+00:00","article_modified_time":"2020-05-06T17:27:05+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/threatindexblog.jpg","type":"image\/jpeg"}],"author":"Harshamal Hotra","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Harshamal Hotra","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/"},"author":{"name":"Harshamal Hotra","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/6517e8f671a8adfaac08bb13d4f6ab12"},"headline":"Faster Threat Hunting with New and Improved Dossier","datePublished":"2018-06-04T15:49:28+00:00","dateModified":"2020-05-06T17:27:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/"},"wordCount":1119,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/threatindexblog.jpg","keywords":["Infoblox","Security"],"articleSection":["Community"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/","url":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/","name":"Faster Threat Hunting with New and Improved Dossier","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/threatindexblog.jpg","datePublished":"2018-06-04T15:49:28+00:00","dateModified":"2020-05-06T17:27:05+00:00","description":"Dossier is a threat indicator research tool that provides additional information on URLs, domains, and IP addresses by automatically aggregating contextual information from dozens of sources.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/threatindexblog.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/threatindexblog.jpg","width":660,"height":454,"caption":"IPv6 and Internet Privacy"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/community\/faster-threat-hunting-with-new-and-improved-dossier\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Community","item":"https:\/\/www.infoblox.com\/blog\/category\/community\/"},{"@type":"ListItem","position":3,"name":"Faster Threat Hunting with New and Improved Dossier"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/6517e8f671a8adfaac08bb13d4f6ab12","name":"Harshamal Hotra","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/e57a35c0c721bf81f63bab8e4a6927d563e9bf2f367c3724aaa1db95a0779be2?s=96&d=blank&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e57a35c0c721bf81f63bab8e4a6927d563e9bf2f367c3724aaa1db95a0779be2?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e57a35c0c721bf81f63bab8e4a6927d563e9bf2f367c3724aaa1db95a0779be2?s=96&d=blank&r=g","caption":"Harshamal Hotra"},"url":"https:\/\/www.infoblox.com\/blog\/author\/harshamal-hotra\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/992","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/202"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=992"}],"version-history":[{"count":3,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/992\/revisions"}],"predecessor-version":[{"id":3996,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/992\/revisions\/3996"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/894"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=992"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=992"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=992"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}