en flag +1 214 306 68 37

QDGA DGA Analyzer

QDGA DGA Analyzer for IBM Security QRadar SIEM is an application that includes rules and reference sets and serves as a collector of "bad" domains that were created by Domain Generation Algorithms.

Using a special rule, these domains collected with specified log sources are put to a selected Reference Set. Then, QDGA processes and filters collected domains by a trained neural network and notifies users via offenses about detected suspicious domains.

QDGA DGA Analyzer

QRadar Native Alternatives

DGA processing is available in the QRadar DNS Analyzer application. QDGA is a lightweight alternative to that application.

License

Open Source / Apache 2.

IBM App Exchange

Available as a complimentary app within a commercial tool purchase.