Farsight DNSDB Flexible Search Now Available As On-Prem Solution or Hosted Service for Threat Hunters

San Mateo, California, June 7th, 2021, Today Farsight Security, Inc., the leading cybersecurity provider of DNS Intelligence, announced that DNSDB Flexible Search, an innovative threat hunting technology that enables users to search the Domain Name System (DNS) for digital artifacts used by cybercriminals, fraudsters and other online scammers, is now available in DNSDB Export. DNSDB Export is available as both an on-prem solution and as a hosted service.

"Farsight exists to answer the question, 'What is the power of observation?' and our DNSDB system is now in its 11th year of dominant innovation," said Dr. Paul Vixie, Farsight's CEO. "Some investigators require an on-premise database to fully enable their desired workflow, and as of now, our on-premise solution now supports the Flexible Search features we first announced last October. Wherever and however the powers of observation can serve the needs of investigation or defense, Farsight will be there."

With its fuzzy matching capabilities, DNSDB Flexible Search enables users to pinpoint the precise patterns they need to expose, correlate, and contexualize their investigations. Before today, Flexible Search was only available to Farsight DNSDB key holders through our online server. Now DNSDB Export customers can also benefit from this powerful flexibility.

The Benefits of DNSDB Export

DNSDB Export is used by many of the world’s largest corporations and government agencies, and offers a number of benefits including:

Partitioned Network Environments: For customers who require work to be done in high security environments, including “air-gapped” systems or “partitioned” networks with no access to external networks or sites, DNSDB Export On-Prem enables all DNS analysis to be conducted without the need for Internet connectivity.

Privacy: For customers who require maximum discretion, DNSDB Export gives them the option to guarantee the privacy of their queries and research. Queries and responses made against DNSDB Export On-Prem never leave the local network environment, and query logs are stored locally or can be disabled altogether. This ensures complete control over all data, and guarantees complete privacy for customer use of DNSDB data.

Performance: For customers who require the ability to conduct extreme volumes of queries, DNSDB Export On-Prem eliminates potential network delays or congestion that can occur on any connection over the Internet. This guarantees the shortest distance between users and DNSDB data, and cuts down on packet round-trip time.

High Availability: For customers who require the use of their own fail-safe infrastructure, DNSDB Export On-Prem enables them to design redundant systems to guarantee high local availability of the data and avoid outside impacts like uplink failures or even possible DDOS attacks.

DNSDB Export: How It Works

DNSDB Export is installed on dedicated servers within the customer’s environment or in a Farsight data-center. These systems run the same server software as DNSDB for API Key users, and receive the same updates.

DNSDB Flexible Search can help threat hunters, incident responders, and other cyber investigators:

  • Search just parts of words. For example, if you're investigating drug crime, you may want to find all the domains that include, for example oxycon, perco or hydroco
  • Easily find look-alike domain names used for phishing attacks against their brands.
  • Identify patterns and find matches for threat actor-generated hostnames/domain names
  • Find candidate matches when working with incomplete or redacted information
  • Identify domains relating simple generic terms to well-known brand names, from popular products to presidential campaigns

Pricing & Availability

DNSDB Flexible Search is now available to all DNSDB Export customers. To become a DNSDB Export customer and learn more about our on-prem and hosted service, please contact sales@farsightsecurity.com. DNSDB is available via an annual subscription.

About Farsight Security, Inc.

Farsight Security, Inc. provides both real-time and historical passive DNS solutions, including the world’s largest passive DNS database, DNSDB. We enable security teams to qualify, enrich and correlate all sources of threat data and ultimately save time when it is most critical - during an attack or investigation. Our solutions provide enterprise, government and security industry personnel and platforms with unmatched global visibility, context and response. Farsight Security is headquartered in San Mateo, California, USA. Learn more about how we can empower your threat platform and security team with Farsight Security passive DNS solutions at www.farsightsecurity.com or follow us on Twitter: @FarsightSecInc.