Recent Posts
- Selling off PIR, did ISOC just throw .org registrants under a bus?
- Rival dot-brand bidders in settlement talks, seek auction delay
- ICANN going back to Puerto Rico for a third time
- Montreal airport thinks DI is porn
- DI Leaders Roundtable #2 — Should we kill off “Whois”?
- Former NTIA chief Redl now working for Amazon
- Neustar’s .co contract up for grabs
- US official Heineman joins GoDaddy
- Web.com got pwned
- Surprise! ICANN throws out complaints about .org price caps
- Somber mood as ICANN 66 opens in Montreal
- America has Amazon’s back in gTLD fight at ICANN 66
- New (kinda) geo-TLD rules laid out at ICANN 66
- Emoji domains get a 😟 after broad study
- Industry veteran Jay Daley tapped to lead IETF
- Verisign likely to get its billion-dollar .com pricing windfall
- ICANN enters talks to kill off Whois for good
- Form an orderly queue: New Zealand wants a new back-end
- Brexit hell: .eu suspension plan put on hold
- DI Leaders Roundtable #1 — How many new gTLDs will be applied for next time around?
- Now you don’t have to live in the EU to register a .eu domain, but there’s a catch
- Spam is not our problem, major domain firms say ahead of ICANN 66
- Crunch time, again, for Whois access policy
- Google quietly launches .new domains sunrise
- After .org price outrage, ICANN says it has NOT scrapped public comments
- Hindu god smites Chrysler gTLD
- Top ICANN advisor Tarek Kamel dies at 57
- Three big changes could be coming to .uk
- Introducing… the DI Leaders Roundtable
- After killing the cows, what does the new Tucows logo remind you of?
- Radix acquires another gTLD
- .whoswho survives!
- Correction: the 10 most-used dot-brands
- Nominet raises .uk prices
- Registrar suspended over dodgy transfers
- Mediocre .vote gTLD drops restrictions
- ICANN’s babysitting fund goes live
- Claims auDA boss quit after he was busted for “falsified” law degree
- .bond domains could cost a grand each
- PIR’s “new” .org domain is just temporary. Help it pick another new one!
- MMX switches porn TLDs from Afilias to Uniregistry
- Argentina will use a lottery to decide 2LD landrush
- Sixty gTLD registries not monitoring security threats
- ICANN must do more to fight internet security threats [Guest Post]
- Bumper batch of dot-brands off themselves for Friday 13th
- .org price cap complaints more like “spam” says Ombudsman
- Botterman is new ICANN chair
- Another victory for Amazon as ICANN rejects Colombian appeal
- Kafka turns in grave as ICANN crowbars “useless” Greek TLD into the root
- Sorry, you still can’t sue ICANN, two-faced .africa bidder told
Architelos offers entry-level NameSentry
New gTLD software provider Architelos has released a cheaper version of its flagship NameSentry security compliance tool.
NameSentry Lite strips out the automated workflow and mitigation components found in the original, leaving the core threat reports and statistics intact.
It’s designed for smaller TLDs that don’t expect to see a lot of malware or phishing in their zones and it’s priced starting at $139 a month for a TLD with under 5,000 domains under management.
That’s about $100 cheaper than the standard NameSentry, which is geared more towards mitigation and has monthly charges ranging from $249 to $3,999, depending on zone size.
Boutique gTLDs and large portfolio registries such as DotKiwi and Donuts are early customers of the more-expensive version.
Is Architelos the only company providing this kind of tool? I need something like this for my TLD, but it would be nice to see some other options.
I’m not aware of anyone else doing the workflow stuff, but DI PRO has TLD Health Check if it’s metrics you’re looking for.
Artemis / NCC Group Safe TLD service seems to be targeted to the new RA specs as well, but I couldn’t find something online about it.
Netcraft and Team Cymru also have commercial offerings that combined can fulfill the requirements, but combining can also be done on cheaper or free alternatives to build a DIY solution.
Rubens et al.
Netcraft is a great service and you can find more info on their anti-phishing service here http://www.netcraft.com/anti-phishing/
To be clear, NameSentry is different as it encompasses a wider range of abuse types (not just phishing, but also malware, botnets and even spam).
The NameSentry portal option includes automated mitigation workflows which can be customized to the abuse policies and procedures of any given gTLD or ccTLD. Lastly, our prices are posted on our website, as are the terms. A TLD can even choose a month to month option (so no long term contract or financial commitment).
So to compare – a DIY option would involve not only buying various datafeeds, (or standalone monitoring and analysis services for say phishing) for different abuse types, but also aggregating and normalizing the info, and then either doing notification and mitigation steps manually (so personnel in ops/customer service, or abuse analysts) or building and maintaining the system to automate mitigation steps and then document and archive an audit record. In terms of core competencies (and putting the issue of upfront and continued commitment of capital and HR resources aside) not every registry or registrar has the core competency to do this, and do it well enough to stake their contractual compliance on it.
So it is a question of what do you want to focus on and what should be outsourced.
Hope that helps
RA specs on this do not require specific accuracy levels, so contractual compliance is not that much of a risk in this regard. I can see reasons for either DIY or outsourcing considering the whole picture, including end-user perception and corporate social responsibility, but they are all carrots. No actual sticks here.
Thanks for this info. I’m running a single registrant, closed TLD and not expecting too many domains, so I just need whatever is considered compliant.
http://www.selectrealsecurity.com/public-block-lists and http://www.surbl.org/lists have lists of lists and getting thru those would already qualify as going thru reported threats. It needs to go somewhat beyond what is reported directly to the registry, but there is no actual service level or accuracy target on the agreement, so you don’t need to know all threats or try knowing an specified % of those.
The text in the agreement is very non-specific as can be seen below.
FYI
I have copied the specific Spec in the Registry Agreement below.
Specification 11 3.b:. “Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.”