Farsight Security Announces Farsight DNSDB App for Splunk to Provide Global DNS Context To Organizations’ Security Intelligence
San Mateo, California — April 11, 2016 — Farsight Security, Inc. today announced Farsight DNSDB℠ App for Splunk to help customers improve the speed, accuracy and global view of their digital investigations for faster risk mitigation and prevention. The Farsight DNSDB App for Splunk enables users of Splunk® Enterprise to add DNS real-time and historical data and context to event data in order to gain broader analysis and investigative capabilities. Download the Farsight DNSDB App for Splunk now on https://splunkbase.splunk.com/app/3050/.
Farsight DNSDB App for Splunk gives organizations of all sizes the ability to add contextual information and situational awareness from DNSDB to enrich an organization’s existing security context. With more than 13 billion domains and hostnames collected since 2010, DNSDB is the most comprehensive historical database of passive DNS data about how IPs, domains, and Internet infrastructure are interconnected and have evolved. By augmenting with DNSDB context, security teams have visibility based on real-time internet infrastructure to improve detection, identification and analysis of threats and adversary infrastructure and capabilities.
Farsight data users can now leverage the end-to-end context provided by Splunk Enterprise to track suspicious domain names or Internet Protocol addresses (IPs). For example, users can enhance existing workflow to auto generate a query and populate contextual information for all IP addresses and domain names that all of their hosts have visited.
“Enterprises, small and large, have requested Farsight to integrate DNSDB with SIEM solutions to accelerate their investigations. Splunk solutions are a leading SIEM solution, so it was natural that we work together to provide DNSDB’s contextual threat intelligence information within their platform. Security analysts use DNSDB to get the facts about IP addresses, domain names, and related infrastructure to improve detection and incident response of tomorrow’s threats,” said Paul Vixie, CEO of Farsight Security.
“Farsight DNSDB is a significant repository of DNS intelligence and its real-time data provides security analysts with valuable context and new information about fast-moving attacker activity. With its strong DNS pedigree, Farsight Security has developed credibility among service providers and enterprises that value insight from the most direct sources. Organizations can now access Farsight’s premium DNS intelligence with the readily-available Splunk integration,” said Scott Crawford, Research Director for 451 Research.
“Farsight DNSDB App for Splunk extends the Splunk platform helping enable end-to-end security and provide global contextual information across organizations,” said Haiyan Song, senior vice president, security markets, Splunk. “Splunk’s mission is to make machine data accessible, usable and valuable for everyone — when it comes to security, all data is relevant, and Farsight DNSDB App for Splunk can add more context for correlation, which can deliver additional security and Operational Intelligence.”
A free 15-day trial of the Farsight Security DNSDB App for Splunk is available. Download the Farsight DNSDB App for Splunk now on https://splunkbase.splunk.com/app/3050/. Farsight Security customers should be able to download the app and use their current DNSDB API key to integrate the information. As always, Farsight remains committed to improving the safety of the Internet and will continue supporting law enforcement agents, academic researchers, and non-profit organizations with full or partial grants of our services.
Using Farsight DNSDB App for Splunk, organizations can get contextual awareness of domains and IP addresses
Slunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Hunk, Splunk Cloud, Splunk Light, SPL and Splunk MINT are trademarks and registered trademarks of Splunk Inc. in the United States and other countries.
About Farsight Security, Inc.
Farsight Security provides the world’s largest real-time actionable threat intelligence information on how the Internet is changing, seeing more than 250,000 DNS-related observations per second. Leveraging proprietary technology that was purpose-built to manage the volume of data and real-time analyses, Farsight provides security teams with the Internet’s view of an organization’s web presence and how it is changing, whether those changes were made purposely, inadvertently, or maliciously. The world’s most security conscious organizations use Farsight for their real-time threat intelligence information. For more information, please contact us through our website at https://www.farsightsecurity.com/ or follow us on LinkedIn, Twitter, and Facebook.