Where do large companies register domains?

MarkMonitor and CSC <https://www.cscdbs.com/> are the two Enterprise registrars I'm familiar with. If you're really big, you can setup your own registrar (or two), like Facebook did https://registrarsec.com/ (not open to outside registrations, AFAIK).

I've used register.eu (which looks like they're in the midst of a name change) to manage domains that required a local agent for presence requirements. They don't support as many places as MarkMonitor, but most retail registrars won't register you if you don't have presence or won't handle small locality domains that require presence.

If you're concerned about the security of your domains, you really want to use a registrar (and a registry/tld) that can work with you to setup a registry lock. A registry lock is set at the registry and not the registrar; the registry will contact the registrant (that's you) to unlock it, otherwise no changes can be made. This will prevent shenanigans like this https://www.computerworld.com/article/2485799/network-soluti... (thanks Network Solutions)

Mainly MarkMonitor. The main thing these services provide is high security around changes. They also offer a lot of things like brand protection related services.

Even bigger ones will sometimes run their own registry (like Google).

Large companies often use MarkMonitor, which has enterprise-oriented sales. It's not obvious if they provide commensurate value, or if they're just good at convincing enterprises that they do.

Most startups I've worked with have domains registered by the founders on GoDaddy, Namecheap, or Gandi which then get transferred to MarkMonitor once the company has an IT budget. I don't think it matters as much as it used to, as nearly every registrar supports two factor auth and domain locks now. Still, I've heard stories about GoDaddy CSRs getting social engineered into transferring domains.