Introducing DNSDB 2.0

Now Available

A message from our CTO about DNSDB 2.0

DNSDB® Flexible Search: An Introduction - with Daniel Schwalbe
Download Presentation Slides

Deep Dive into DNSDB 2.0 - with Dr. Paul Vixie

DNSDB 2.0 - Introducing Flexible Search

DNSDB has been expanded to include regular expression and glob search capabilities. Now you can search using natural language keywords or include wildcards in your search.

Check out our DNSDB 2.0 Search Cheat Sheet for tips and tricks on how to use DNSDB Flexible Search with regular expressions and globbing.

See more DNSDB Webinars

Plug into the World’s Largest DNS Intelligence Solution: DNSDB®

The internet relies heavily on the DNS, and criminals are not exempt. DNSDB exploits the fact that cyber criminals share and reuse resources.

DNSDB is a Passive DNS (pDNS) historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure DNSDB leverages the richness of Farsight’s Security Information Exchange (SIE) data-sharing platform and is engineered and operated by leading DNS experts.

DNSDB Details

Farsight collects Passive DNS data from its global sensor array. It then filters and verifies the DNS transactions before inserting them into the DNSDB, along with ICANN-sponsored zone file access download data. The end result is the highest-quality and most comprehensive Passive DNS data service of its kind - with more than 100 billion DNS records since 2010.

Farsight’s DNSDB transforms threat feeds into actionable, relevant threat intelligence in real time to increase the value of an organization’s existing threat intelligence. Its high-performance, indexed, time-series DNS intelligence data service can ultimately improve visibility for an organization’s security program and protect its infrastructure from current and future threats.

Farsight’s DNSDB is built for ease of use. Chain and pivot capabilities allow security teams to easily swing from one query to another. Time fencing, output tailoring and limiting of record types are among the capabilities that enable investigators to access the exact results they need. DNSDB queries can be automated into existing workflows through a RESTful API, web-enabled UI and integration with security incident and event management solutions, security automation solutions and threat intelligence platforms.

Farsight’s DNSDB is built for ease of use. Chain and pivot capabilities allow security teams to easily swing from one query to another. Time fencing, output tailoring and limiting of record types are among the capabilities that enable investigators to access the exact results they need. DNSDB queries can be automated into existing workflows through a RESTful API, web-enabled UI and integration with security incident and event management solutions, security automation solutions and threat intelligence platforms.

Eliminate DNS Blind Spots

View Internet infrastructure see how adversaries have “rolled” through related domains, IP addresses and name servers to conceal their activity.

Stop Phishing, Malware, and Ransomware Earlier

Proactively defend your organization from sophisticated cybersecurity threats.

Minimize Risk

Access real-time and historical Passive Domain Name System (pDNS) data to block your infrastructure from being used by bad actors.

DNSDB Access Methods

DNSDB API

Farsight Security’s API Key portability program lets you unlock the power of DNS intelligence across dozens of SIEM, Orchestration, Automation and Threat Intelligence Platforms that already support Farsight's DNSDB RESTful API

Get started with free trial

Features & Benefits

  • Ability to search RRname, RRdata, and by IPv4 or IPv6 address or address block
  • Support for whole-label left-hand-side or right-hand-side domain name wildcards
  • Support for IP range or CIDR prefix RRdata searches
  • Able to return up to a million results per query

Purchase options

  • Purchase an annual subscription with queries / day limits
  • Queries / day limits from 1,000 queries per day up to Unlimited

DNSDB API - Enterprise Block Query

Delivers DNSDB API with a more flexible block quota and enterprise account management features.
Designed to accommodate intermittent and bursting usage patterns typical for investigations.
Includes Enterprise management such as the ability to assign additional user contacts, each receiving their own API key and allocate a split of the quota to each user and reallocate as necessary

Features & Benefits

  • All the benefits and functionality of a queries per day DNSDB API subscription
  • Flexible query usage with no daily query limits
  • Purchase additional quotas when needed
  • Rollover unused queries if you renew prior to subscription expiration
  • Add user contacts with individual API keys
  • Assign / manage block quota for each user

Purchase options

  • Purchase a large block of queries that can be utilized anytime within the annual subscription
  • No daily limits
  • Use only what your team needs and buy more when necessary
  • Minimum initial block quota is 100,000 queries
  • Add-on quota options start at 1,000 queries

DNSDB Export

An on-premises installation of DNSDB in your own environment

Features & Benefits

  • Total query privacy
  • Ability to access data in an offline environment
  • Unlimited query volume
  • Minimize network latency
  • Fastest response time

Purchase options

  • Purchase an annual subscription with database synchronization updates occurring monthly, daily, or every minute

Want to learn more?

Free DNSDB® Trial API

Get your free DNSDB API Key and use it in any of your preferred platform(s)

100

Queries / day

30-days free

Get your API Key
DNSDB Scout®

A simple GUI for DNSDB within the Google Chrome Browser.

Available on Google Chrome Store

100

Queries / day

Free installation

Get DNSDB Scout

Request a Demo

Request a customized demo to see our data in action and discover how Farsight DNS Intelligence can help your security operations

Request demo
DNSDB infographic

Accelerate Your Threat Defense Lifecycle

  • Accelerate incident research and post-breach analysis
  • Discover associations among threat actors and track and block their activity
  • Perform fact-based risk assessment of domain names and IP addresses
  • Uncover all domains using the same name server infrastructure used by a “known bad” domain
  • Reveal the IPs an adversary is using to conceal malicious activity and avoid takedowns
  • Conduct third-party audits of DNS configurations
Featured Resources

Video

DNSDB Overview
Watch now

Overview

DNSDB Solution Overview
Download

Search Cheat Sheet

DNSDB 2.0 Search Cheat Sheet
Download

Case Study

Grizzly (Steppe) Case Study
Download

Case Study

Deloitte & Touche LLP Case Study
Download

Case Study

ThreatConnect, Inc. Case Study
Download
Use Case Videos
Play Investigating Suspicious Indicators Investigating
Suspicious Indicators
Play Investigating Unusual Traffic Investigating
Unusual Traffic
Play Brand Infringement and Counterfeit Goods Brand Infringement
and Counterfeit Goods
Play Investigating Airline Fraud Investigating
Airline Fraud
Play Exposing Phishing Attacks using DNSDB Expander Exposing Phishing
Attacks using DNSDB Expander
Play Investigating Spear Phishing Attacks Investigating
Spear Phishing Attacks

Security Teams Can Map Out Related Domains, IP Addresses, and Infrastructure for Thorough Investigation and Protection.

DNSDB for SOC teams scheme

Want to learn more?

Protect against cybercriminal activity in real-time.

Request a free demo
Bilin