Download now! eBook Now Available: Using Farsight Passive DNS for Incident Response

Threat Hunting

As cyber threats become more and more advanced, threat hunters will require more data to power their capabilities and provide context to incidents instantly. There is an on-going need to answer difficult questions such as:

  • Where did this domain name point to in the past?
  • What domain names are hosted by a given nameserver?
  • What domain names point into a given IP network?

Knowledge Isn’t Power,
Applied Knowledge is Power

Know What You Can Rely On

Rely on robust and comprehensive intelligence data to enrich your analysis and inform your decision-making process.

Pivot from a Single Indicator to Other Related Resources

Find an initial clue (such as a suspicious domain name), identify a potentially-shared resource associated with that initial clue, and search for other domain names that also use that shared resource.

Leverage the Power of Integration

Integrate passive DNS intelligence into your threat platform of choice for automatic enrichment of events.

Our Product Suite for Threat Hunting

DNSDB

DNSDB

Farsight Security’s DNSDB® is a Passive DNS historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure.

NOD

NOD

NOD leverages Farsight’s real-time Passive DNS sensor array and cross-references that data with its industry-leading DNSDB® historical Passive DNS database.

NOH

NOH

Farsight’s Newly Observed Hostnames (NOH) Provides organizations with visibility of new hostnames or Fully Qualified Domain Names (FQDNs) – when they are first active.

DNS Changes

DNS Changes

DNS Changes channel provides real-time visibility into changes made to DNS.

DNS Errors

DNS Errors

The DNS Errors channel is a real-time feed of DNS query responses which have a valid or completely absent checksum and a non-zero response code.

Additional Resources

Video

DNSDB Pivots Overview

Video

Basic DNSDB Pivots

Video

Diving into DNSDB Pivots

Video

DNS As a Defense Tool

Video

Past, Present and Future of DNS Resolution

Case Study

How ThreatConnect® leverages DNSDB to Track Down the Grizzly (Steppe)

Case Study

Avalon and DNSDB to expose the Emotet Malware

Case Study

LuJam Leverages Farsight Security’s Newly Observed Domains (NOD) Solution to Address Zero-Day Attacks

Case Study

Newly Observed Domains (NOD) Real-time intelligence to stop future attacks.

Report

The Modality of Mortality in Domain Names

Report

Farsight Security Global Internationalized Domain Name Homograph Report