Download now! eBook Now Available: Using Farsight Passive DNS for Incident Response

Fraud Protection

Every transaction on the Internet – good or bad – leaves a trail in the Domain Name system (DNS). This means that cyber criminals also rely on the DNS. For fraudulent websites to exist online, the criminals rely on DNS to help make those sites available. Security teams need the power to use a single indicator to uncover key DNS relationships and expose the entire fraudulent network.

Start with Single Indicator > Exploit the Entire Miscreant Network

Discover Related Domains Sharing Common Infrastructure

Located other domains which are also using that same IP address and track not only what, but when.

Explore a "Broader Neighborhood" Around an Initial Clue

Look at larger IP netblock(s) that surround an initial IP amplifying and magnifying an initial clue into hundreds or thousands.

Avoid Incomplete Takedown Attempts

Trace the DNS history of a domain and uncover: What addresses has a domain used over time? How have a domain's name servers evolved over time?

Our Product Suite for Fraud Protection

DNSDB

DNSDB

Farsight Security’s DNSDB® is a Passive DNS historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure.

NOD

NOD

NOD leverages Farsight’s real-time Passive DNS sensor array and cross-references that data with its industry-leading DNSDB® historical Passive DNS database.

NOH

NOH

Farsight’s Newly Observed Hostnames (NOH) Provides organizations with visibility of new hostnames or Fully Qualified Domain Names (FQDNs) – when they are first active.

Additional Resources

Overview

Farsight Corporate Overview

Overview

Newly Observed Domains (NOD) Overview

Overview

Newly Observed Hostnames (NOH) Overview

Infographic

5 Signs of Malicious Activity You're Overlooking

Case Study

How ThreatConnectDNSDB® leverages DNSDB to Track Down the Grizzly (Steppe)

Case Study

Avalon and DNSDB to expose the Emotet Malware