Umbrella - jibingl/CCNA-CCNP GitHub Wiki

Investigate

Cisco Umbrella Investigate provides detection, scoring, and prediction of emerging threats. You can predict the likelihood that a domain, an IP address, or entire ASN may contribute to the origin of an attack or pose a security threat before an attack or threat occurs.

• Based on domain information gathered by the Umbrella Global Network.
• Smart Search: Search the Investigate database for data related to a domain, email address, file checksum, IP address, or AS number.
• Pattern Search: Search for a domain using a regular expression (RegEx). Best for a typosquatting attack.
• Passive DNS: Represents a stored collection of historical DNS resolution data. Umbrella Investigate maintains a large repository of passive DNS history.