Case Study: Logpresso boosts cyber threat detection with WhoisXML API domain intelligence

Logpresso & WhoisXML API Augmenting Cyber Threat Detection and Security Operations

Logpresso, a South Korea-based cybersecurity company, provides a unified security operations platform for log collection, threat detection, incident investigation and response. To improve its cloud SIEM capabilities, Logpresso needed richer contextual data to better identify real threats such as phishing, brand impersonation, and other suspicious domains, and it turned to WhoisXML API’s WHOIS API and Domain Reputation API.

By integrating WhoisXML API domain intelligence into its SIEM platform, Logpresso enriched threat data with registrant and reputation information so users could investigate suspicious domains more effectively and prioritize low-reputation domains for review. WhoisXML API helped Logpresso strengthen threat detection, improve response workflows, and enhance brand and phishing protection, though the case study does not provide specific quantitative metrics.

Logpresso

Goo Dong-Eon

Chief Business Officer