We are proud to introduce the automatic asset discovery of domains!
From now on, OnDOMAIN will be able to spot your potentially owned domains based on the ones you add to the Domains page. The data sources for these assets are Private Name Servers.
In order to help you with the search for these new entries, we have added a new column named Classification to the Activity page table. This new column will show different tags depending on the situation:
Asset: the lookalike domain is potentially an asset owned by your company.
Abandoned: the lookalike domain is potentially an asset owned by your company but has lacked DNS activity for a long time - it has likely been forgotten. It could still be purchased by a third party.
Note: the Classification column can also be empty. If this is the case, this is a standard lookalike domain and unlikely to be an asset.
Newly discovered name servers are opt-in and listed on the Settings page, where you can decide to exclude any Private Name Servers from further asset discovery attempts, as shown in the screenshot below:
Manually add lookalikes
OnDOMAIN automatically discovers potential lookalike domains based on the list you provide on the Domains page.
However, you may have observed additional lookalikes through other means, such as phishing email campaigns targeted at your company or your supply chain, that you wish to add to OnDOMAIN.
With the new Add lookalikes feature, you can manually add any lookalike domain using the button shown in the screenshot below.
This button will redirect you to a new page where you will be able to add new lookalike domains one by one or upload multiple lookalike domains at once with a CSV file, as shown below:
Before saving the new lookalike domains, you can also classify them upfront as either new, safe, or threat. Each classification will add the new lookalikes to the corresponding Activity table tab. In order to change the lookalike classification, select the ones you want using the checkbox column and use the Actions button that will become visible at the top-right of the table.
Any newly added lookalikes will take between 5 and 10 minutes to appear in the specified tab, as OnDOMAIN needs to perform a scanning process behind the scenes.
Finally, do not hesitate to combine this new feature with our takedown capabilities to start a takedown process on lookalike domains that may have been missed by OnDOMAIN!
Consistent CSV export
We have enhanced the CSV export functionality by making it more consistent. The CSV export button is now part of the Domains and Activity pages’ tables, integrated along with the Columns and Filters button, with the Export button becoming the third.
Clicking on the Export button will allow you to download a CSV file just like you used to do with the previous export button. However, the exported data will now match data visible on the table, based on the visible columns and any filters you may have applied.
More filter operators
We have increased the number of operators for character values in the columns of the different tables across OnDOMAIN (namely the ones from Activity and Domains pages).
The new operators are the not contain and the not equal operators.
These new operators will allow you to ignore one or more values you know are irrelevant to you in specific columns.
Takedown evidence files transferred again
We noticed that evidence files were uploaded successfully on the takedown details page, but when applying for takedown, they were not correctly transferred over to our takedown provider.
This issue has now been resolved now but let us know if you believe an evidence file that was previously uploaded was not considered during the associated takedown process.
OnDOMAIN is integrated with OnDMARC, Red Sift’s automated DMARC solution, as they are both built on the same platform.
In previous versions of OnDOMAIN, the domain transfer when selecting domains and clicking Add to OnDMARC from the Domains page was not functioning correctly.
This has now been fixed, so domains added to OnDMARC from OnDOMAIN will be correctly transferred to your OnDMARC account.
In order to make use of this feature, make sure to generate an OnDMARC API Key and add it to the Settings page in OnDOMAIN.