Compute
High-performance, scalable computing resources for your critical workloads. Orchestrate your cloud-native applications with our modern container solutions.
Discover the Compute offer
Virtual machines
VM Instances
An on-demand, flexible and secure virtual machine solution on a shared infrastructure.
Dedicated servers
OpenSource IaaS
Open source virtualised infrastructure in a trusted SecNumCloud-qualified cloud environment for complete technological sovereignty.
VMWare IaaS
Your VMware virtual machines in a trusted SecNumCloud-qualified and HDS-certified cloud environment.
Bare Metal
Dedicated, fully customisable servers for total autonomy over your sovereign infrastructure.
Containers
PaaS OpenShift
The unified platform for creating, modernising and deploying your large-scale applications in a sovereign cloud.
Managed Kubernetes
Managed container orchestration solution offering security, resilience and advanced automation on sovereign infrastructure.
Storage
Adaptable, high-performance storage solutions for all your needs. Optimise your data with our highly available block and object solutions.
Discover our Storage offer
Storage
Block storage
The adaptable block storage solution for optimum storage performance in a sovereign cloud.
Object storage
The scalable, cost-effective storage solution for your unstructured data in a sovereign cloud.
Backup
Backup solutions
Differentiated backup solutions tailored to your challenges and environments
Network
Advanced network solutions to connect and secure your infrastructures. Deploy your private networks automatically and securely.
Discover the Network offer
Network
Virtual Private Cloud
Deploy and manage your private networks 100% automatically and securely.
Private Backbone
Take full control of your network with extended Layer 2 connectivity, designed for hybrid architectures and bespoke configurations.
Firewall
Managed Firewall
Advanced security solutions for complete insulation and enhanced protection
Accommodation Dry
Housing - Dedicated space
Secure hosting for your equipment in a dedicated or shared environment, depending on your needs.
Security
Advanced security solutions to protect your critical infrastructures. Control access and defend against online threats.
Discover the Security offer
Detection
Sovereign SOC
A sovereign SOC offering operated 24/7, deployable from our marketplace, on SecNumCloud-qualified infrastructure.
Protection
Anti DDoS
The shield against online attacks
Bastion host
Transparent, centralised access control for robust protection of your infrastructure
Managed KMS
Sovereign cryptographic key management, with HSM hardware root of trust, to protect your most sensitive data on SecNumCloud infrastructure.
AI
Artificial intelligence solutions to transform your data into insights and accelerate your business processes.
Discover the AI offer
AI
LLMaaS
Access cutting-edge language models on a sovereign, SecNumCloud-qualified and HDS-certified infrastructure for high-performance, secure AI applications.
GPU
NVIDIA GPU instances to accelerate your artificial intelligence and high-performance computing in a sovereign cloud.
Data
Data solutions to manage, analyse and exploit your critical data.
Discover the Data offer
Databases
Managed MariaDB
A fully managed MariaDB relational database and PITR backup on SecNumCloud sovereign infrastructure.
Managed PostGreSQL
The fully managed relational database solution on SecNumCloud sovereign infrastructure
Big Data
Managed Kafka
The open-source distributed platform for streaming data in real time
Managed File System
A managed, sovereign, high-availability distributed file system, accessible via NFS and SMB on the SecNumCloud infrastructure.
Management & Governance
Coaching and support services to help you with your cloud transformation.
Find out about our support services
Support
Support levels
Discover the 3 levels of support available to help you meet your challenges.
Professional services
From design to optimisation, Cloud Temple is with you every step of the way.
Governance
Console – API – Terraform Provider – MCP
A single interface for viewing and managing your products and services
Observability
Infrastructure metrics available in market standards
Marketplace > Domain Name Monitoring with Analysis

Domain Name Monitoring with Analysis

By Nameshield

Detect and block fraudulent domain names that imitate your brand: continuous monitoring, human analysis and real-time alerts from Nameshield.

Overview

The solution from Nameshield Extended Monitoring automatically identifies, on a daily basis, newly registered domain names that resemble your brand, your products or your key names — before they can be used against you.

360° detection powered by AI

Our proprietary engine, based on artificial intelligence and natural language processing (NLP), analyses your brand as an extended entity: spelling variations, typographical variations, homographs, internationalised domain names (IDNs), words from the same lexical field… No cybersquatting strategy goes unnoticed.

Comprehensive data sources

  • Generic and country zone files (CZDS, Afnic OpenData)
  • Real-time Certificate Transparency Logs
  • Active DNS data across all gTLDs, ngTLDs and ccTLDs

A daily human analysis

Each detection is assessed by our specialist analysts: threat level, observed usage (phishing, redirection, active mail server, etc.), WHOIS/RDAP information, and a screenshot of the website. Critical threats trigger urgent real-time alerts, supplemented by a comprehensive weekly report.

Centralised monitoring via a SaaS platform and API

Access all the results from your dashboard or integrate the data directly into your tools via our REST API.

How to use

  1. Sign up for the offer via the Cloud Temple marketplace.
  2. Please provide Nameshield with the trade marks and names to be monitored.
  3. Nameshield sets up your monitoring area within 48 hours.
  4. Receive your urgent alerts in real time and your weekly report.
  5. In the event of a confirmed threat, initiate a remediation procedure (option available).

Support

As part of a monitoring programme involving analysis, our tools automatically detect the newly observed domain names featuring a strong orthographic and lexical similarity containing a trademark, a term or a surname that is subject to monitoring. The full set of results is analysed daily by our team, identifying true positives, classifying them and ranking them according to their threat level. Domain names classified as high-risk are the subject of urgent alerts sent by email as and when they are detected, and all domain names analysed during the week are included in a weekly report.

Our solution is based on input data: a brand name or name specific to the client (name of the organisation, name of a product, name of a project, surname of a senior executive, etc.). Based on this brand or name, all misleading and fraudulent domain names exploiting this term are identified, with no limit on the number of results.

Sources of data collected

We monitor the registration of domain names:

  • As and when they are published, in the zone files provided by generic registries (CZDS) and country registries that share their data; ;
  • Within the daily list of names registered by Afnic (OpenData); ;
  • In real time, in the certificate generation logs (Certificate Transparency Logs).

What’s more, we analyse live DNS data to round off our exploration of country code top-level domains (ccTLDs). We therefore monitor domain name registrations on the generic extensions (gTLD), the new extensions (ngTLD) as well as all country codes (ccTLD), i.e. all top-level and second-level domains.

This data is collected continuously and form the basis for identifying domain names that bear a resemblance to the trade mark or protected name. This identification is carried out once a day, and can be several times a day, if desired.

Detection of misleading domain names

This service is based on a a search engine based on in-house developed cognitive Artificial Intelligence (AI) algorithms. This proprietary technology was developed by our research and development team following a series of analyses and by drawing on our business expertise.

Our methodology for detecting fraudulent domain names is based on a 360° approach, based on three main areas:

1. Each monitored term is treated as an extended entity : we generate its contextual keywords, so it is no longer treated as a simple string of characters. By analysing the context of each term, extracting its specific lexical field (using proprietary Natural Language Processing – NLP technology) and by identifying relevant thematic fields, our solution identifies a set of keywords or concepts that could be used in misleading domain names, combined with the term being monitored or its variants.

2. Algorithms for generating spelling and typographical variants based on the target term and the previously identified keywords and concepts. Our engine offers a wide range of generators to cover the main strategies observed, in particular:

  • Universal alterations : duplication or deletion of characters, transposition of characters, substitution of vowels, insertion of typos by adding neighbouring characters on the keyboard, insertion of random characters, substitution of characters with Latin homographs; ;
  • Linguistic changes : substituting letters or syllables with their homophones; applying inflected forms according to gender and number for common nouns; converting numbers into words and vice versa; ;
  • The search for'homoglyphs, based on the correspondences between certain special or non-ASCII characters; ;
  • The search for internationalised domain names (IDN – Internationalised Domain Name); ;
  • For domain names consisting of several words separated by a separator, search for each word or for the entire domain name.

3. A relevance scoring algorithm characterising the degree of credibility of a potentially fraudulent domain name based on its similarity to the monitored term and its keywords and concepts, enabling analysts to assess more quickly the level of threat posed by a domain name based on the form of cybersquatting involved.

This search engine also supports natively, using ad hoc weighting criteria, the most complex searches — involving short terms (three or four characters), compound terms (two or more words) or generic terms (e.g. common nouns). It highlights the most relevant results, ensuring quality and timeliness of alerts. These detections are carried out using queries devised by our team of analysts who specialise in monitoring and analysing new domain names.

Qualification and analysis

Every working day, our team of analysts processes the domain names detected by our tools. Each detection – representing a new domain name found to be similar to the name under surveillance – is analysed from several angles:

  • The forms that cybersquatting takes : repetition of the term exactly as it is or with a variation; insertions such as hyphens or the addition of letters or words; reinforcement of the term with words from its lexical field, etc.; ;
  • The associated threat, often linked to the domain name’s presence on the web and its use: a website that is inaccessible, under construction or inactive; a page hosting fraudulent content; a «pay-per-click» links page, whether or not related to the business; a «registrar» page; a parked page, an address not found, etc.; ;
  • WHOIS / RDAP status, including all the information that can be collected, although it is becoming increasingly common for the data subject’s identifying details no longer to be provided under the GDPR; ;
  • Specifying an MX email server and the existence of redirects.

We cross-reference several sources from external databases to optimise the collection of this data as much as possible. The domain names identified in this way are categorised by list:

  • High-criticality list : similarity to the trade mark and proven fraudulent nature; ;
  • List of average criticality : strong similarity to the trade mark, with no proven fraudulent intent; ;
  • List of low-level criticality : low degree of similarity to the trade mark, with no proven fraudulent intent.

Reporting and governance

Domain names classified as high-risk are subject to urgent reports sent by email as and when detections are made, and all the domain names analysed during the week are sent in a weekly report.

The domain names identified and reported via urgent alerts and weekly reports include three qualifying points : the nature of the cybersquatting, the observed use (dedicated phishing site, redirect links, activation of email servers, etc.) and the mitigation or remedial measures that can be put in place.

For each qualified domain name, the following appear as a minimum the following information:

  • Domain name; ;
  • Domain creation and expiry dates; ;
  • Owner of the estate; ;
  • Domain registrar; ;
  • Whether a website exists, and a description of it if it does; ;
  • Availability of a mail server; ;
  • Presence of a redirect; ;
  • DNS configuration; ;
  • WHOIS / RDAP information; ;
  • Screenshot of the website’s content.

The entire monitoring service can be monitoring via a SaaS management platform. Domain names identified as potentially fraudulent and included in urgent alerts and weekly reports can be retrieved via a API.

Terms and conditions

Use of the Nameshield service is subject to the terms and conditions of service available at www.nameshield.net. Data is hosted in France and processed in accordance with the GDPR. Any subscription implies acceptance of the current terms and conditions of service.

Type
SaaS
Deployment options
Partner Contact
Receive the latest cloud news
Cookie policy

We use cookies to give you the best possible experience on our site, but we do not collect any personal data.

Audience measurement services, which are necessary for the operation and improvement of our site, do not allow you to be identified personally. However, you have the option of objecting to their use.

For more information, see our privacy policy.