Skip to content

Cybersecurity professionals lament losing of access to WHOIS database

keyboard

January 4, 2019

[EXCERPT] One of the tools that cybersecurity professionals have historically relied on is access to a WHOIS database, a publicly shared list of records relating to domain names that includes the dates when these were registered, updated, or are due to expire as well as contact details such as the names of individuals or organizations, physical location, phone number, and email address of the domain owners and the IT staff tasked with maintaining them.

But now much of that data is being removed to comply with the mandates of the General Data Protection Rule (GDPR) rule enacted by The European Union. Without access to that data it becomes a lot more challenging to white list domains of known trusted entities versus all the fake domains that cybercriminals rely on to launch malware that needs to communicate back to a command and control mechanism somewhere on the Web.

WHOIS provides valuable information that gives cybersecurity analysts a fair amount of context in terms of how likely it is that a given domain is good or bad, notes Harold Byun, vice president of products and marketing for Baffle, a provider of data encryption tools. Restricting access to this information results in a valuable loss of information that cybersecurity teams can use in their arsenal to counter attackers, adds Byun …

(link to the article)

Join our newsletter

Schedule a Demo with the Baffle team

Meet with Baffle team to ask questions and find out how Baffle can protect your sensitive data.

Easy

No application code modification required

Fast

Deploy in hours not weeks

Comprehensive

One solution for masking, tokenization, and encryption

Secure

AES cryptographic protection

Flexible

No impact to user experience