DNSDB™ Get Started Guide

1

Get a DNSDB API key

You may already have an API key or you can get started with a free 30-day trial API key.

2

How to use your DNSDB API key

Threat platform, SIEM and SOAR

Your DNSDB API key is portable and can be used with many threat platforms, SIEM and SOAR solutions. You can even use it in multiple platforms at the same time.

Here are of some of our integrations. If you don’t see yours, please contact us.

Tools

The DNSDB API key is also available via the following tools:

DNSDB Scout™ is our new Google Chrome Extension™. It provides an HTML GUI on top of Farsight Security’s DNSDB API and supports all the major features of the API

Learn more

DNSDB Scout™ – Farsight’s new Google Chrome Extension for querying DNSDB

Maltego is a visual link analysis tool that, out of the box, comes with open source intelligence (OSINT) plug-ins called transforms. Farsight DNSDB is now bundled into all versions of Maltego, including Community Edition (CE), Classic and XL.

Learn more

Farsight DNSDB Bundles with Maltego To Enable Faster Investigations

Farsight DNSDB App for Splunk^® enables security analysts to improve the speed, accuracy and global view of their digital investigations for faster risk mitigation and prevention.

Learn more

Farsight's DNSDB Plugin for Splunk

REST API

If you're a programmer and want to query DNSDB directly, here is the API documentation.

Api documentation

Resources

Getting "Human" (ISO8601) Datetime Stamps From dnsdbq JSON lines-formatted Output

Using Farsight's dnsdbq Command Line DNSDB Tool in a Microsoft Windows Environment: The "Windows Subsystem for Linux" Option

"Black Box" Testing with the Python Black Box Tool (pbbt)

Farsight's DNSDB Time Fencing: A Post-Attack "Time Machine"

3

Documentation

In order to get you started, here are some basic and advanced documents to support the use of the DNSDB API

API Documentation

api.dnsdb.info

Technical Documentation

More technical resources

Videos

DNSDB Overview - 2:14

Diving into DNSDB Pivots - 11:52

DNSDB Pivots Overview - 1:24

Case studies

CASE STUDY

Grizzly (Steppe) Case Study

How ThreatConnect^® leverages DNSDB to Track Down the Grizzly (Steppe).

Download

CASE STUDY

Deloitte & Touche LLP Case Study

Cerber Ransomware Investigation using Farsight's DNSDB™

Download

CASE STUDY

ThreatConnect, Inc. Case Study

ThreatConnect used Farsight Security's DNSDB™ to investigate Anthem breach-related activity.

Download

Blog posts

IPs, Address Ranges, and CIDR Block Queries in DNSDB API

by Joe St Sauver

In digital investigations, users may need to query hundreds or thousands of IP addresses. Joe St Sauver shows you how to query blocks of IP addresses.

by Joe St Sauver

Joe St Sauver shows how to query DNSDB for Internationalzed Domain Names using different programming languages.

by Joe St Sauver

Joe St Sauver explains how to use RIPE NCC's terrific service for the Scala query-by-ASN application.

by Karen Burke

Increase Incident Response Speed and Accuracy with Farsight DNSDB and Demisto Enterprise. Every transaction, good or bad, begins with a DNS lookup.

Read more

More blogs

Need additional help?

Contact our Technical Support team

By email:

support@farsightsecurity.com

By telephone:

+1-650-489-7919

Request a Demo

Request a customized demo to see our data in action and discover how Farsight DNS Intelligence can help your security operations

Request demo

DNSDB® Get Started Guide

Get a DNSDB API key

How to use your DNSDB API key

Threat platform, SIEM and SOAR

Tools

REST API

Documentation

API Documentation

Technical Documentation

More technical resources

Videos

Case studies

Blog posts

Need additional help?

+1-650-489-7919

Request a Demo

DNSDB^® Get Started Guide