Cybercriminals Quickly Exploit Internet Infrastructure to Support Their Campaigns and Avoid Detection.
Learn how you can transform threat feeds into actionable, relevant threat intelligence
The internet relies heavily on the DNS, and criminals are not exempt. DNSDB exploits the fact that cyber criminals share and reuse resources.
DNSDB is a Passive DNS (pDNS) historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure DNSDB leverages the richness of Farsight’s Security Information Exchange (SIE) data-sharing platform and is engineered and operated by leading DNS experts.
Farsight collects Passive DNS data from its global sensor array. It then filters and verifies the DNS transactions before inserting them into the DNSDB, along with ICANN-sponsored zone file access download data. The end result is the highest-quality and most comprehensive Passive DNS data service of its kind - with more than 100 billion DNS records since 2010.
Farsight’s DNSDB transforms threat feeds into actionable, relevant threat intelligence in real time to increase the value of an organization’s existing threat intelligence. Its high-performance, indexed, time-series DNS intelligence data service can ultimately improve visibility for an organization’s security program and protect its infrastructure from current and future threats.
Farsight’s DNSDB is built for ease of use. Chain and pivot capabilities allow security teams to easily swing from one query to another. Time fencing, output tailoring and limiting of record types are among the capabilities that enable investigators to access the exact results they need. DNSDB queries can be automated into existing workflows through a RESTful API, web-enabled UI and integration with security incident and event management solutions, security automation solutions and threat intelligence platforms.
View Internet infrastructure see how adversaries have “rolled” through related domains, IP addresses and name servers to conceal their activity.
Detect patterns of malicious activity and identify phishing or other targeted attacks.
Access real-time and historical Passive Domain Name System (pDNS) data to block your infrastructure from being used by bad actors.
Farsight Security’s API Key portability program lets you unlock the power of DNS intelligence across dozens of SIEM, Orchestration, Automation and Threat Intelligence Platforms that already support Farsight's DNSDB RESTful API
Get started with free trialFeatures & Benefits
Purchase options
Delivers DNSDB API with a more flexible block quota and enterprise account management features.
Designed to accommodate intermittent and bursting usage patterns typical for investigations.
Includes Enterprise management such as the ability to assign additional user contacts, each receiving their own API key and allocate a split of the quota to each user and reallocate as necessary
Features & Benefits
Purchase options
An on-premises installation of DNSDB in your own environment
Features & Benefits
Purchase options
Purchase an annual subscription with database synchronization updates occurring monthly, daily, or every minute
Get your free DNSDB API Key and use it in any of your preferred platform(s)
Queries / day
A simple GUI for DNSDB within the Google Chrome Browser.
Queries / day
Request a customized demo to see our data in action and discover how Farsight DNS Intelligence can help your security operations
CASE STUDY
Grizzly (Steppe) Case StudyHow ThreatConnect® leverages DNSDB to Track Down the Grizzly (Steppe).
CASE STUDY
ThreatConnect, Inc. Case StudyThreatConnect used Farsight Security's DNSDB to investigate Anthem breach-related activity.
