Domain Risk Management – The Build vs. Buy Dilemma in 2023


Domain risks are growing increasingly aggressive, and detrimental to businesses despite their best domain risk management efforts. Domain threats, including typosquat domains, phishing attacks, and impersonation attacks target businesses with malicious domains meant to trick customers, employees, and those tied to your business.

While Domain Risk Management (DRM) can be a straightforward process, it is not easy to execute, especially at scale as your business expands. Domain risk management includes the active management of typosquatting domains through both proactive acquisition and comprehensive and continuous threat discovery and assessment.

In this blog, we want to cover the decision criteria and considerations to make a build versus buy determination for an effective and scalable DRM program. Discover if it makes more sense for your business to internally construct your domain risk management strategy, or integrate with external solutions.

Considerations Fueling the Domain Risk Management Decision

Domain risk management requires that for every domain an organization owns, the likely typosquatting varients be discovered and assessed. If this process only concerns one or two domain names, leveraging something like dnstwister to achieve this goal will be relatively easy.

However, what about an organization with numerous similar domain names, say 5, 10, 20, or even up to the thousands? This problem can’t be solved by simply scaling personnel (human capital). Domain Risk Management can quickly become a problem of seismic proportions–the magnitude necessitating a high level of automation at the core to power an effective program.

Companies may build a system in-house to perform this level of monitoring and detection. However, the takedown portion of the process typically requires legal expertise, drawing in the internal legal team, and rapidly driving up the cost of the operation.

An in-house, manual operation is feasible for a small organization with a handful of domain names, though it would not be as thorough as using a fully-automated solution. Designing a program that requires roughly four to eight hours a week’s worth of manual tasks is possible. But if the domain portfolio grows disproportionately faster than the security team, this manual approach and program will tap out.

Laying it Out – Build vs. Buy

We’ve put together the pros and cons of each option for security leaders to consider when making the right decision for your business.

Domain risk management: Building an in-house program


  • The capabilities of your DRM program are entirely customizable, dependent upon your team’s skillset and business requirements.
  • Since the program is built in-house, you will know your organization and the program should you need support.
  • As your needs or requirements evolve, you have complete control over the program to adjust as you see fit.


  • Tremendous labor costs, especially if you leverage and build a software platform in-house.
  • The program will be built by a team who may not be skilled in domain risk management, likely creating gaps in protection.
  • Staff turnover exists in every organization; when the person who developed your program leaves, will it continue to run?

Domain risk management – Buying program management as a service


  • Buying a DRM service offers you a turnkey, immediate ROI program protection starting on Day 1.
  • A professionally designed domain risk management solution will protect your organization’s domains most significantly.
  • The ease of use of a domain risk management service eliminates the challenge of the skills shortage.


  • As a security practitioner, you must consider where your organization’s data may exist; a domain risk management service is no different. You must review the platform’s data handling practices.
  • You are shifting the operation of your domain risk management to a third party; careful selection of the third party must be performed to ensure the continuity of the service.
  • Lack of customization, depending on the solution you choose, may be a concern if your organization has unique challenges in the DRM space.

Final Thoughts on the Build vs. Buy Debate

We may be biased, but we believe investing in a domain risk management service from a company like Bolster offers distinct advantages over the manual effort needed to implement an in-house equivalent solution. Some of the largest brands in the world believe this, too, leveraging the out-of-the-box automation offered by Bolster to stand up a scalable and effective DRM solution quickly.

Check out the success Covanta experienced and continues to experience combatting dangerous domains with our industry-leading domain takedown technology. Our solution is augmented further by computer vision, natural language processing, and deep learning to identify logos, images, and content used to hijack a company’s brand across websites, social media platforms, app stores, marketplaces, email systems, and search engines.

So the coverage and protection are comprehensive, and the technology is easy to implement into your cybersecurity tech stack. Our team of customer success and SOC professionals are here 24/7 to make sure no malicious domain goes undetected.

When malicious conditions are discovered, the takedown process is initiated via API or other automated means with hosting companies, registrars, and content distribution networks. This results in zero-touch takedowns measured in minutes and hours versus days and weeks.

If you’re interested in seeing Bolster’s capabilities, request a demo with our team today.


Checkout our other domain risk management resources:

Domain Risk Management – Elements of an Effective Program

Domain Risk Management Program – Discovering the Threats

Learn more about the Bolster Domain Protection product

Request your free trial today: Bolster Free Trial