DNSDB™ Get Started Guide

A guide for new and experienced DNSDB users

1

Get a DNSDB API key

You may already have an API key or you can get started with a free 30-day trial API key.

FREE 30-DAY TRIAL
2

How to use your DNSDB API key

Threat platform, SIEM and SOAR

Your DNSDB API key is portable and can be used with many threat platforms, SIEM and SOAR solutions. You can even use it in multiple platforms at the same time.

Here are of some of our integrations. If you don’t see yours, please contact us.


Tools

The DNSDB API key is also available via the following tools:

DNSDB Scout
DNSDB Scout

DNSDB Scout™ is our new Google Chrome Extension™. It provides an HTML GUI on top of Farsight Security’s DNSDB API and supports all the major features of the API

Maltego
DNSDB API Free Trial for Maltego

Maltego is a visual link analysis tool that, out of the box, comes with open source intelligence (OSINT) plug-ins called transforms. Farsight DNSDB is now bundled into all versions of Maltego, including Community Edition (CE), Classic and XL.

SPLUNK
SPLUNK app

Farsight DNSDB App for Splunk® enables security analysts to improve the speed, accuracy and global view of their digital investigations for faster risk mitigation and prevention.

3

Documentation

In order to get you started, here are some basic and advanced documents to support the use of the DNSDB API


Videos

Play DNSDB Overview DNSDB Overview - 2:14
Play Basic DNSDB Pivots Diving into DNSDB Pivots - 11:52
Play Pivots DNSDB Pivots Overview - 1:24

Case studies

Grizzly (Steppe) Case Study

CASE STUDY

Grizzly (Steppe) Case Study

How ThreatConnect® leverages DNSDB to Track Down the Grizzly (Steppe).

Deloitte & Touche LLP case study

CASE STUDY

Deloitte & Touche LLP Case Study

Cerber Ransomware Investigation using Farsight's DNSDB™

ThreatConnect case study

CASE STUDY

ThreatConnect, Inc. Case Study

ThreatConnect used Farsight Security's DNSDB™ to investigate Anthem breach-related activity.

Blog posts

IPs, Address Ranges, and CIDR Block Queries in DNSDB API

by Joe St Sauver

In digital investigations, users may need to query hundreds or thousands of IP addresses. Joe St Sauver shows you how to query blocks of IP addresses.

Bulk Converting Internationalized Domain Names to Punycode With Perl and Net::IDN::Encode for Use With DNSDB

by Joe St Sauver

Joe St Sauver shows how to query DNSDB for Internationalzed Domain Names using different programming languages.

ASN-To-Prefixes-To-Domain Names -- Update to May 2017 Blog Article

by Joe St Sauver

Joe St Sauver explains how to use RIPE NCC's terrific service for the Scala query-by-ASN application.

Increase Incident Response Speed and Accuracy with Farsight DNSDB and Demisto Enterprise

by Karen Burke

Increase Incident Response Speed and Accuracy with Farsight DNSDB and Demisto Enterprise. Every transaction, good or bad, begins with a DNS lookup.

Need additional help?

Contact our Technical Support team

By email:

support@farsightsecurity.com

By telephone:

+1-650-489-7919

Request a Demo

Request a customized demo to see our data in action and discover how Farsight DNS Intelligence can help your security operations