WXA Forum Tokyo 2025 Recap: Japan’s Cyber Leaders Unite for a New Era of DNS-Driven Threat Intelligence

Tokyo, November 2025 — The WXA Forum Tokyo 2025 concluded with remarkable energy and engagement, bringing together more than two dozen C-suite and executive leaders from Japan’s top-tier cybersecurity companies. Leaders from major MSSPs, SOC operators, and enterprise security divisions gathered for an unprecedented deep-dive into the evolving DNS threat landscape — and how Japan can stay ahead of it.

Hosted by WhoisXML API, the forum showcased original research, live case studies, and advanced demonstrations of next-generation DNS, domain, and traffic intelligence. The event highlighted one core message: DNS is no longer just infrastructure — it is the earliest and most universal signal of cyber risk.

Key Highlights:

• Japan reported a record 1.2 million phishing cases in 1H 2025, the highest ever.
• Case studies included large-scale stock trading fraud and the Jaguar Land Rover supply chain attack
• WhoisXML API demonstrated First Watch — its AI-powered predictive malicious domain detection engine — identifying threats minutes after registration.
• Traffic Intelligence showcased visibility into global DNS activity and traffic data, revealing attacker infrastructure long before traditional tools detect it.
• Discussions emphasized early detection, AI-assisted SOC operations, and cross-border visibility to secure Japan’s digital ecosystem.

Why This Event Matters: Japan’s Cyber Future Depends on Early Detection

The presence of Japan’s leading cybersecurity executives — from major MSSPs, cloud service providers, forensics firms, telecoms, and critical-infrastructure defenders — signals a strong cross-industry commitment to strengthen the country’s cyber posture.

Three common themes emerged from discussions: 

1. Early detection is now mandatory, not optional. Attackers increasingly use domain infrastructure to hide, pivot, and scale attacks. Organizations must detect at registration time — not months later. 

2. AI-assisted threat intelligence reduces SOC overload. The problem is no longer detection — it is human capacity. AI-filtered, low-noise domain intelligence is becoming essential.

3. Japan needs stronger visibility into global traffic. Domestic-only telemetry is insufficient when attackers operate out of regions Japanese networks cannot monitor. Cross-border DNS + traffic intelligence as provided through the Internet Abuse Signal Collective (IASC) fills that gap.

A Shared Mission: Building Japan’s Next-Generation External Attack Surface Defenses

As the forum closed, many leaders expressed strong interest in:

• Joint R&D pilots on predictive intelligence
• MSSP integrations of First Watch and Traffic Intelligence
• Brand protection enhancements for Japanese enterprises
• Co-developing Japan-focused early-warning systems
• Strengthening data-exchange partnerships with WhoisXML API

The enthusiasm underscores one clear takeaway:

Japan is ready to adopt predictive, AI-powered DNS and traffic intelligence as a core layer of its national cybersecurity defense strategy.

WhoisXML API is committed to deepening its partnerships across Japan — with MSSPs, SOC operators, enterprise security teams, and government agencies — to help Japan strengthen its cyber resilience in 2026 and beyond.

We extend our sincere gratitude to all executives and organizations who participated in WXA Tokyo 2025.

Together, we are building a safer, more predictable digital future.