| CPC H04L 63/1416 (2013.01) | 20 Claims |
|
1. A method for detecting domain fronting within a network, the method comprising:
collecting, from a plurality of devices within the network, network data;
identifying, based at least in part on the network data, data associated with one or more hosting providers of a plurality of hosting providers, the data indicating potential support of domain fronting by the one or more hosting providers;
sending, to the one or more hosting providers and based on the data, one or more scans;
receiving, from the one or more hosting providers, result data associated with the one or more scans, the result data comprising indications of whether the one or more hosting providers support domain fronting; and
generating, based at least in part on the result data, an enhanced threat intelligence feed.
|