Security teams need to “turn back the clock” to view Internet infrastructure as it was at a certain point in time to see how adversaries have “rolled” through related domains, IP addresses and name servers to conceal their activity.
Security analysts and incident responders need access to real-time and historical Passive Domain Name System data in order to block their infrastructure from being used by bad actors. A historical view of Passive DNS data also enables security teams to detect patterns of malicious activity and identify phishing or other targeted attacks.
Farsight Security’s DNSDB™ is a Passive DNS historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure. DNSDB leverages the richness of Farsight’s Security Information Exchange (SIE) data-sharing platform and is engineered and operated by leading DNS experts.
“Farsight’s DNSDB is a bridge to new data points in all of our investigations.”
Farsight collects Passive DNS data from its global sensor array. It then filters and verifies the DNS transactions before inserting them into the DNSDB, along with ICANN-sponsored zone file access download data. The end result is the highest-quality and most comprehensive Passive DNS data service of its kind - with more than 13 billion domain names since 2010.
Farsight’s DNSDB transforms threat feeds into actionable, relevant threat intelligence in real time to increase the value of an organization’s existing threat intelligence. Its high-performance, indexed, time-series DNS intelligence data service can ultimately improve visibility for an organization’s security program and protect its infrastructure from current and future threats.