QDGA DGA Analyzer
QDGA DGA Analyzer for IBM Security QRadar SIEM is an application that includes rules and reference sets and serves as a collector of "bad" domains that were created by Domain Generation Algorithms.
Using a special rule, these domains collected with specified log sources are put to a selected Reference Set. Then, QDGA processes and filters collected domains by a trained neural network and notifies users via offenses about detected suspicious domains.
QRadar Native Alternatives
DGA processing is available in the QRadar DNS Analyzer application. QDGA is a lightweight alternative to that application.
License
Open Source / Apache 2.
IBM App Exchange
Available as a complimentary app within a commercial tool purchase.
All about Cybersecurity
Services
Penetration Testing
IBM QRadar Tools: Deployment & Environment
Security Testing
Vulnerability Assessment
IBM QRadar Tools: Analytics & Reporting
IBM QRadar Tools: MITRE ATT&CK
Compliance Services
Security Assessment
Security Information and Event Management
IBM QRadar Tools: Data Integration
QDGA DGA Analyzer