Recent Posts
- It’s pandemic continuity versus gender diversity in ICANN’s board wish-list
- Free domains for .in registrants
- Here’s why two ICANN directors opposed extending Marby’s CEO contract
- Rules for the next new gTLD round near the final straight
- Island demands return of its “naked” ccTLD
- Donuts punter welcomes our new alien overlords in December premium sale
- Net 4 India gets unwelcome Christmas gift from ICANN
- Fuji Xerox kills off gTLD after rebrand
- EURid suspends 80,000 domains as Brexit transition ends
- GoDaddy’s female geeks make a bit more than men
- Donuts acquisition of Afilias closes, integration work begins
- GoDaddy pranks employees with “insensitive” phishing test
- US sneaks public Whois demands into pandemic relief bill
- Verisign drops half a mill on pandemic relief
- Mixed messages from ICANN on pandemic travel in 2021
- ICANN predicts rosy post-pandemic domain industry — time to start panicking?
- DI World Global International Headquarters is relocating
- ICANN throws the book at Net4 over dodgy transfer claims
- Fraud checks coming to .ch as SWITCH renews contract
- South African registry to be merged with film censor, broadband regulator
- There’s one obvious pick for next year’s ICANN Community Excellence Award
- ICANN could block Donuts from buying Afilias
- Westerdal offloads two more gTLDs to Donuts
- Whois privacy group finds its new chair
- Three more new gTLDs blink out of existence
- NamesCon Europe founder Dietmar Stefitz reportedly dies
- Credit union gTLD changes hands to perhaps surprising buyer
- After 20 years, DomainTools takes its first VC dough
- Gay charities get first taste of domain cash
- CIRA hits major .ca milestone on 20th anniversary
- .org made $97 million last year
- XYZ launches its beauty-themed gTLDs with slashed prices
- “Criminal” domain suspensions drop again in .uk but thousands of pandemic domains frozen
- NameSilo in profit as sales rise 11%
- CentralNic more than doubles revenue as parking business thrives
- WIPO handles 50,000th UDRP case as coronavirus drives complaints
- Brits get small reprieve in Brexit domain crackdown
- Vaccine agency to get more domain takedown powers next year
- Domain growth dropped off in Q3, says Verisign
- Donuts boss discusses shock Afilias deal
- GoDaddy has a secret weapon in its push into corporate domains
- Donuts acquires Afilias to create registry giant
- ICANN finally addresses Net 4 India meltdown, but mysteries remain
- Masochistic mug urgently wanted for thankless, pay-free ICANN leadership role
- ICANN made over $500k in secret lawyer payments over [REDACTED] legal dispute
- .spa registry relocates to .xyz
- .forum sunrise period will cost less than half the regular reg fee
- .trust finds a new home with UNR
- Web.com acquires Kiwi registrar Freeparking
- GoDaddy set to pay millions to settle robocalling class action
- Tributes as “great mentor” Marilyn Cade dies
- GoDaddy sees 12% growth in domains revenue
- One-letter .lu domains could be bought for peanuts
- Another domain firm going private as Endurance announces $3 billion deal
- Verisign increases focus on .com after flogging public DNS to Neustar
- Blood on the boardroom floor after MMX admits revenue screwup
- Angry investor sues for 30% of new .spa gTLD
- Amazon sold rights to .box gTLD for $3 million
- Big pharma firm dumps its gTLD
- Facebook to enter the retail registrar business?
- .web ruling might not come this year
- Verisign sells a million more domains than it did last year
- Free speech, or bad faith? UDRP panels split on Everything.sucks domains
- The internet just got its first proper new gTLD of the year, and the timing couldn’t be worse
- ICANN may not meet again for a looong time
- ICANN denies Whois policy “failure” as Marby issues EU warning
- These eight companies account for more than half of ICANN’s revenue
- Lockdown bump was worth $600,000 to ICANN, but end of Club Med saves 10x as much
- That .sucks weirdness? Worse than I thought
- Something weird’s going on at .sucks
- Are 25x price increases on the cards as XYZ corners the cars market?
- .gay and Star Trek star troll the right to promote new gTLD
- Forty weddings and a funeral? .wed is dead but may come up for auction
- Holy Scheisse! Did you know ICANN 69 starts TOMORROW?
- MMX probing accounting of mystery contract
- NamesCon will be back to in-person events next July
- .eu registry contract up for grabs
- EURid suspends and delays thousands of coronavirus domains
- .jobs plans to raise millions from premium names after dumping its sponsor
- Peaceful transfer of power? GNSO’s next chair is a shoo-in
- Two American women appointed to ICANN board
- Europe’s top dogs could decide the future of Whois
- ICANN playing ping-pong on closed generics controversy
- Has ICANN cut off its regulatory hands?
- Will you shut up, man? Trump takedown domain on sale for ridiculous fee
- MMX revenue down even as sales rise during pandemic
- This ICANN comment period is a Kafkaesque nightmare
- Could .cpa be the most successful new gTLD sunrise yet?
- ICANN 69 returning to YouTube
- Three-letter .blog domains priced up to $100k
- Whois plan approved, but it may be a waste of money
- Should YOU have to pay when lawyers access your private Whois info?
- Nominet shuts down “hostile” discussion forum
- Donuts to launch .contact next week
- GoDaddy denies weird front-running claim
- Is India’s largest registrar about to go titsup? And where the hell is ICANN?
- Webcentral rejects Web.com buyout bid for LOWER offer from Aussie telco
- Portugal reports lockdown boom continued through the summer
- No ICANN meetings until 2021
- ZADNA hikes up the price of .za domains
- Floodgates, open! Trademark Clearinghouse now supports .com
- Radix premium renewals approach $1 million
- GoDaddy could lose control of .co this week
- ICANN ordered to freeze .hotel after “serious questions” about trade secrets “theft”
- CentralNic parking boosts revenue even as its registrars suffer
- ICANN will spend $51,000 on your broadband
- Verisign measures the industry’s lockdown bump
- ICANN apologizes to “arms dealer” claim security firm after email goes missing
- Amazon waves off demand for more government blocks
- Told us so? Nominet ditches auctions plan, will charge drop-catchers higher fees instead
- Schreiber really did sue you all, sorry
- Fight over closed generics ends in stalemate
- New gTLD prices could be kept artificially high
- Here’s what’s in the NamesCon Online schwag bag
- New back-end approval program could reduce the cost of a new gTLD
- Single/plural gTLD combos to be BANNED
- ICANN might pay for your lockdown broadband
- The end of the beginning? ICANN releases policies for next round of new gTLDs
- It’s a CONSPIRACY! Canadian registrant “sues” pretty much everybody
- “Arms dealer” registrar probed by ICANN
- No lockdown bump for .eu as domain base shrinks in Q2
- After a year’s delay, .gay reveals launch dates
- ICANN names Egypt-based head of Istanbul office
- Countries ask Amazon for thousands more domain blocks
- Dot-brand fizzles out after acquisition
Architelos offers entry-level NameSentry
Kevin Murphy,
November 24, 2013, 11:45:58 (UTC),
Domain Services
New gTLD software provider Architelos has released a cheaper version of its flagship NameSentry security compliance tool.
NameSentry Lite strips out the automated workflow and mitigation components found in the original, leaving the core threat reports and statistics intact.
It’s designed for smaller TLDs that don’t expect to see a lot of malware or phishing in their zones and it’s priced starting at $139 a month for a TLD with under 5,000 domains under management.
That’s about $100 cheaper than the standard NameSentry, which is geared more towards mitigation and has monthly charges ranging from $249 to $3,999, depending on zone size.
Boutique gTLDs and large portfolio registries such as DotKiwi and Donuts are early customers of the more-expensive version.
Is Architelos the only company providing this kind of tool? I need something like this for my TLD, but it would be nice to see some other options.
I’m not aware of anyone else doing the workflow stuff, but DI PRO has TLD Health Check if it’s metrics you’re looking for.
Artemis / NCC Group Safe TLD service seems to be targeted to the new RA specs as well, but I couldn’t find something online about it.
Netcraft and Team Cymru also have commercial offerings that combined can fulfill the requirements, but combining can also be done on cheaper or free alternatives to build a DIY solution.
Rubens et al.
Netcraft is a great service and you can find more info on their anti-phishing service here http://www.netcraft.com/anti-phishing/
To be clear, NameSentry is different as it encompasses a wider range of abuse types (not just phishing, but also malware, botnets and even spam).
The NameSentry portal option includes automated mitigation workflows which can be customized to the abuse policies and procedures of any given gTLD or ccTLD. Lastly, our prices are posted on our website, as are the terms. A TLD can even choose a month to month option (so no long term contract or financial commitment).
So to compare – a DIY option would involve not only buying various datafeeds, (or standalone monitoring and analysis services for say phishing) for different abuse types, but also aggregating and normalizing the info, and then either doing notification and mitigation steps manually (so personnel in ops/customer service, or abuse analysts) or building and maintaining the system to automate mitigation steps and then document and archive an audit record. In terms of core competencies (and putting the issue of upfront and continued commitment of capital and HR resources aside) not every registry or registrar has the core competency to do this, and do it well enough to stake their contractual compliance on it.
So it is a question of what do you want to focus on and what should be outsourced.
Hope that helps
RA specs on this do not require specific accuracy levels, so contractual compliance is not that much of a risk in this regard. I can see reasons for either DIY or outsourcing considering the whole picture, including end-user perception and corporate social responsibility, but they are all carrots. No actual sticks here.
Thanks for this info. I’m running a single registrant, closed TLD and not expecting too many domains, so I just need whatever is considered compliant.
http://www.selectrealsecurity.com/public-block-lists and http://www.surbl.org/lists have lists of lists and getting thru those would already qualify as going thru reported threats. It needs to go somewhat beyond what is reported directly to the registry, but there is no actual service level or accuracy target on the agreement, so you don’t need to know all threats or try knowing an specified % of those.
The text in the agreement is very non-specific as can be seen below.
FYI
I have copied the specific Spec in the Registry Agreement below.
Specification 11 3.b:. “Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.”