Farsight Security partners with leading security platform providers to integrate our real-time global DNS solutions for cyber security researchers and practitioners. Through these integrations, we expand the ways cyber threat analysts utilize our data in threat attribution, legal investigations, threat intelligence analysis and other highly sensitive applications.
We invite you to join with Farsight Security in becoming a partner.
Anomali® delivers earlier detection and identification of adversaries in your organization’s network by making it possible to correlate tens of millions of threat indicators against your real-time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred.
DNSDB data used as an element of threat assessment algorithms and pDNS data is displayed on the dashboard. In-depth pDNS data is available with the integration of a Farsight API key through Anomali’s app store.
CybelAngel® provides a threat intelligence service designed to detect data leaks on parts of the Internet unknown to most users to protect leading actors from the public and private sectors. Its Dark, Deep Web and connected devices search engine enables CybelAngel to monitor at a very high frequency all new and evolving open endpoints where the company information can be leaked (suppliers, Cloud storage, employees, etc.). CybelAngel alerts its clients on leaked sensitive documents, credentials, credit card numbers as soon as they are exposed.
pDNS data used to search for brand infringement and phishing domains.
Demisto Enterprise delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers to optimize the entire incident life cycle while auto documenting and journaling all the evidence.
As a Demisto Data Enrichment partner, Farsight's integration with DBot enables both automated and manual interrogation of DNSDB, empowering analysts with expanded insight and accelerated investigations.
DomainTools® helps security analysts turn threat data into threat intelligence. They take indicators from a business’ network, including domains and IP addresses and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations and map cyber activity to attacker infrastructure.
DNSDB integration allows visual and in-depth display of domain names, IP addresses and their relationships with other assets. DNSDB is highlighted in the Domain Tools IRIS 2.0 platform.
Infoblox delivers Actionable Network Intelligence to enterprises, government agencies, and service providers around the world. As the industry leader in DNS, DHCP, and IP address management (DDI), Infoblox provides control and security from the core—empowering thousands of organizations to increase efficiency and visibility, reduce risk, and improve customer experience.
Through integration with Infoblox, Newly Observed Domains (NOD) data solution continuously alerts Infoblox ActiveTrust® users when new domains are first observed on the internet. Users can proactively block outbound resolutions to new domains to prevent malware, phishing and other intrusion attempts.
Infoblox - Farsight Security Solution Brief
Phantom® is the first Purpose-Built, Community-Powered Security Automation & Orchestration Platform. Their mission is to close the security gap by enabling Enterprise Security Operations to be Smarter, Faster, and Stronger. Phantom Cyber orchestrates key stages of security operations from prevention to triage and resolution, delivering dramatic increases in security operations productivity and effectiveness.
DNSDB integration allows for extensive, custom ‘playbook’ search scripts to automate passive DNS (pDNS) lookups for domain names, IP addresses, Name Servers and other records.
Recorded Future’s mission is to empower their users with real-time threat intelligence to proactively defend against threats at the speed and scale of the Internet. With billions of indexed facts Recorded Future’s patented technology continuously analyzes the web and technical sources to deliver unmatched insights into emerging threats.
DNSDB extension integration for Recorded Future Intel Cards allows pivoting on passive DNS (pDNS) records for hostnames and IP addresses.
Red Canary Managed Detection and Response combines industry-defining technology, process and expertise to accurately detect threats that bypass other security tools.
Red Canary uses Farsight’s Newly Observed Domain (NOD) to enrich and confirm their findings during an investigation; providing primary and secondary indication of a potential threat - based on endpoint.
Splunk® provides a leading platform for real-time operational intelligence. It’s an easy, fast and secure way to search, analyze and visualize the massive streams of machine data generated by an organizations’ IT systems and technology infrastructure—physical, virtual and in the cloud.
Farsight’s DNSDB and Brand Sentry solutions can be analyzed using Splunk with the integration of the respective API keys.
ThreatConnect® helps analysts work simultaneously with incident response, security operations and risk management teams to better defend the enterprise against modern cyber threats. Executives can address strategic business needs, mitigate risk and preserve brand integrity. They turn a company’s security operations into a streamlined, united force.
DNSDB integration to display domain names, IP addresses, First Seen and Last seen information for selected records.
ThreatQuotient® delivers an open and extensible threat intelligence platform (TIP) to provide defenders the context, customization and collaboration needed for increased security effectiveness and efficient threat operations and management. ThreatQ accelerates the transformation of threat data into actionable threat intelligence by giving defenders unmatched control through a threat library, an adaptive workbench and an open exchange to ensure that intelligence is accurate, relevant and timely to their business. With ThreatQ, customers can get more out of existing security resources, both people and infrastructure.
DNSDB integration which provides analysis of domains, sub-domains, IP addresses and entire Netblocks within the ThreatQ platform.
Reseller of DNSDB API
Reseller of DNSDB and NOD
Reseller of DNSDB API and SIE channels
Reseller of SIE, NOD, DNSDB API, DNSDB Export
Reseller of DNSDB API
Reseller of DNSDB and NOD
Reseller of DNSDB and NOD in Germany and Austria