Recent Posts
- Google partners with UN on aids.day, womens.day and more
- Guy wants to be ICANN CEO and turn off 1.5 million Iranian domains
- ICANN kicks the can on .org price cap defeat
- No masks required at ICANN Cancun
- sex.com for sale, but it’s not a domain deal
- ICANN to be told to stop pussyfooting on new gTLDs
- New ICANN boss makes encouraging noises on new gTLDs
- Verisign loses prestige .gov contract to Cloudflare
- Wanted: a gTLD to ban
- Interview: Sandeep Ramchandani on 10 years of Radix and new gTLDs
- sex.xyz sells at $11,000 loss as premium renewal kicks in
- IRP panel tells ICANN to stop being so secretive, again
- Nominet blew six figures vanity-publishing ex-CEO’s book
- New gTLDs grow in China as .cn regs slide
- Domainers grumble as GoDaddy cranks up commission fees
- Namecheap says it won legal fight over .org price caps
- Identity Digital sees abuse up a bit in Q3
- UDRPs up in 2022, firm says
- More details on ICANN’s CEO handover
- Merry Christmas! Marby finally out as ICANN CEO
- ICANN loses another dot-brand, this one in use
- Abuse crackdown likely in next gTLD registrar contract
- ICANN expects to approve Whois Disclosure System next month
- .music gets its first live web site
- CentralNic buys a bunch of web sites for $5.2 million
- Industry outlook gloomy for next year, predicts ICANN
- Content police? ICANN mulls bylaws change
- ICANN bloat to continue as new gTLD program begins
- ICANN spunks a year, $9 million, on new gTLD plans destined for trashcan
- Crawford QUITS as CentralNic CEO
- Drop-catcher adds 100 more registrars after rapid growth
- Domain universe shrinks again: .com and .cn down, .au up
- New gTLD applications to cost about $250,000
- Macy’s scraps .macys gTLD
- Elon Musk chaos credited with surge in .social regs
- InternetNZ says sorry for “institutional racism”
- Melbourne IT to relaunch, return to roots, after $3.4 million acquisition
- Registrars CAN charge for Whois, ICANN grudgingly admits
- New new gTLD registry in town as Rostam buys UNR
- Stop me if you’ve heard this…
- Verisign growth slows with post-Covid blues
- CentralNic gobbles up another registrar
- Blind auditions underway for ICANN’s supreme court
- Right-wing YouTube bought rumble.com from founder for $477,077
- You can’t appeal a UDRP appeal, ICANN Ombudsman says
- Unstoppable Domains stops over 116,000 domains as alt-root TLD goes dark
- CentralNic expects to blow past revenue estimates
- [Guest Post] Hey ICANN: Reporters are not the enemy
- Is ICANN toothless in the face of DNS abuse?
- ICANN to mull bulk registration ban
- .au adds 100,000 names in days after 2LD floodgates open
- Registry launches Ukrainian domains for Russian-occupied region
- DNSSEC claims another ccTLD victim
- Taliban seizing domains to silence journalists
- McCarthy wins Nominet director election
- Nominet “gaslighting” members over fees, candidate claims
- ICANN dodges bullet as American elected to ITU top job
- Identity Digital publishes treasure trove of abuse data
- Paraguay to chair the GAC
- Nominet may owe its members millions, top lawyer says
- ICANN approves ccTLD-killer policy
- .br tops five million names
- ICANN returning to Puerto Rico
- Ukrainians urged to “de-Russify” their domains
- .au passes four million names as 2LDs surge
- .com and .net are the drag factor on domain industry growth
- Nominet gets new CFO
- It’s ICANN versus the blockchain in Kuala Lumpur
- ICANN to “stand up” to Russia at the ITU
- Surprise new chair for ICANN announced
- PIR will launch .giving next month with unusual landrush rules
- Last-minute bombshell in Nominet election — it may be ILLEGAL
- ICANN finished year $24 million ahead but loses $29 million on the markets
- CentralNic picks up marketing firm for up to $19 million
- Whois Disclosure System to cost up to $3.3 million, run for one year
- ICANN director’s registry CEO job up for grabs
- MarkMonitor to join Newfold in $300 million deal
- New ICANN contracts chart the death throes of Whois
- Kiwi Farms domain lands at Epik
- CentralNic passes on abandoned dot-brand
- Cloudflare blocks anti-trans site for “emergency threat to human life”
- GoCompare makes a big bet on a new gTLD
- Epik replaces Monster with younger clone
- Alt-root .eth is getting very big, very fast
- ZADNA under fire over “heavy-handed” new rules
- Identity Digital to release 5,000 reserved names
- Millions of .cn domains disappear
- ICANN throws out prostitution complaint
- CentralNic revenue almost doubles
- Drug dealer sells blunt.com for $165,000
- Did a sexy Russian spy nerf the o.com auction?
- Cancelled misogynist Andrew Tate moves domain to (drumroll)… Epik!
- Google reveals launch dates for two new gTLDs
- Ducos a shoo-in for GNSO Council chair
- NameSilo reports revenue up 33%
- Adoption light with four weeks to .au’s 2LD deadline
- It’s hustings season at Nominet
- ICANN rushes mystery directors onto board in apparent bylaws breach
- ICANN staffing up for next new gTLD round
- Radix premium revenue hits $3.8 million in first half
- GoDaddy shutters Twitter accounts after MMX deal
- nickel.com sells for a hell of a lot more than a nickel
- German motoring club dot-brand crashes out
- Verisign to crack down on Chinese domains
- Whois Disclosure System likely over a year away
- Belgium slashes its ICANN funding in “mission creep” protest
- Diversity takes a hit as NomCom replaces two ICANN directors with newcomers
- RDNH loser files second appeal
- Group crowdfunding crypto to apply to ICANN for blockchain gTLD
- Buyer “phasing out” domain “bought for $2.2 million”
- ShortDot drops premium fees on millions of domains
- Tucows’ domains business stagnates again in Q2
- Malaysia relaxes travel restrictions ahead of ICANN 75
- GMO to sell Unstoppable’s crypto domains
- More rules, but cozier ICANN 75 expected
- India offers dollar regs to celebrate independence
- auDA updates on 2LD .au sales
- At $15 million, nfts.com becomes second-biggest domain sale ever
- Now Nokia scraps a dot-brand
- InternetNZ appoints new CEO
- Looks like XYZ bought another gTLD
- Bugatti dumps dot-brand under new owners
- In pictures: from tuk-tuks to cheese wheels, every ICANN national stereotype 2016-2022
- Did ICANN pay for most meeting attendees to show up in The Hague?
- Verisign announces ANOTHER price increase as regs slide
Architelos offers entry-level NameSentry
Kevin Murphy,
November 24, 2013, 11:45:58 (UTC),
Domain Services
New gTLD software provider Architelos has released a cheaper version of its flagship NameSentry security compliance tool.
NameSentry Lite strips out the automated workflow and mitigation components found in the original, leaving the core threat reports and statistics intact.
It’s designed for smaller TLDs that don’t expect to see a lot of malware or phishing in their zones and it’s priced starting at $139 a month for a TLD with under 5,000 domains under management.
That’s about $100 cheaper than the standard NameSentry, which is geared more towards mitigation and has monthly charges ranging from $249 to $3,999, depending on zone size.
Boutique gTLDs and large portfolio registries such as DotKiwi and Donuts are early customers of the more-expensive version.
Is Architelos the only company providing this kind of tool? I need something like this for my TLD, but it would be nice to see some other options.
I’m not aware of anyone else doing the workflow stuff, but DI PRO has TLD Health Check if it’s metrics you’re looking for.
Artemis / NCC Group Safe TLD service seems to be targeted to the new RA specs as well, but I couldn’t find something online about it.
Netcraft and Team Cymru also have commercial offerings that combined can fulfill the requirements, but combining can also be done on cheaper or free alternatives to build a DIY solution.
Rubens et al.
Netcraft is a great service and you can find more info on their anti-phishing service here http://www.netcraft.com/anti-phishing/
To be clear, NameSentry is different as it encompasses a wider range of abuse types (not just phishing, but also malware, botnets and even spam).
The NameSentry portal option includes automated mitigation workflows which can be customized to the abuse policies and procedures of any given gTLD or ccTLD. Lastly, our prices are posted on our website, as are the terms. A TLD can even choose a month to month option (so no long term contract or financial commitment).
So to compare – a DIY option would involve not only buying various datafeeds, (or standalone monitoring and analysis services for say phishing) for different abuse types, but also aggregating and normalizing the info, and then either doing notification and mitigation steps manually (so personnel in ops/customer service, or abuse analysts) or building and maintaining the system to automate mitigation steps and then document and archive an audit record. In terms of core competencies (and putting the issue of upfront and continued commitment of capital and HR resources aside) not every registry or registrar has the core competency to do this, and do it well enough to stake their contractual compliance on it.
So it is a question of what do you want to focus on and what should be outsourced.
Hope that helps
RA specs on this do not require specific accuracy levels, so contractual compliance is not that much of a risk in this regard. I can see reasons for either DIY or outsourcing considering the whole picture, including end-user perception and corporate social responsibility, but they are all carrots. No actual sticks here.
Thanks for this info. I’m running a single registrant, closed TLD and not expecting too many domains, so I just need whatever is considered compliant.
http://www.selectrealsecurity.com/public-block-lists and http://www.surbl.org/lists have lists of lists and getting thru those would already qualify as going thru reported threats. It needs to go somewhat beyond what is reported directly to the registry, but there is no actual service level or accuracy target on the agreement, so you don’t need to know all threats or try knowing an specified % of those.
The text in the agreement is very non-specific as can be seen below.
FYI
I have copied the specific Spec in the Registry Agreement below.
Specification 11 3.b:. “Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.”