QDGA DGA Analyzer
Schedule a call
QDGA DGA Analyzer for IBM Security QRadar SIEM is an application that includes rules and reference sets and serves as a collector of "bad" domains that were created by Domain Generation Algorithms.
Using a special rule, these domains collected with specified log sources are put to a selected Reference Set. Then, QDGA processes and filters collected domains by a trained neural network and notifies users via offenses about detected suspicious domains.
QRadar Native Alternatives
DGA processing is available in the QRadar DNS Analyzer application. QDGA is a lightweight alternative to that application.
License
Open Source / Apache 2.
IBM App Exchange
Available as a complimentary app within a commercial tool purchase.