Solutions

Farsight Solutions

By Role
CISO / Security Management Security Operations Threat Intelligence Network Operations / IT

By Need
Incident Response Threat Hunting Brand Protection Fraud Prevention Anti-Phishing

Technology
Partner Integrations Security Information Exchange

All Solutions
DNSDB Protective DNS Newly Active Domains Newly Observed Domains Newly Observed Hostnames DNS Changes DNS Errors

Blog Technical Resources Get Started
Resources

Farsight Resources

Resources Center
General Resources Reports Research Case Studies Webinars Videos FAQ Infographics

Support
Technical Resources Tools Help

Featured Resource

DNSDB^® Get Started Guide

Learn how to get the most from DNSDB with our Get Started Guide.
Get started with DNSDB

Blog Solutions Upcoming Events
Blog

Farsight Security Blog

Farsight Security Blog The TXT Record The Long View Blog Full Archive

Featured Resource

Tax Scammers: Gone Phishing This Tax Season

This year the U.S. deadline for filing taxes has been extended to July. While this extended deadline is a helpful benefit to the public, cybercriminals will take advantage of this extra time to lure even more unsuspecting users into their online tax scams...
Read more

Solutions Technical Resources Upcoming Events
Partners

Farsight Partners and Integrations

Partner Ecosystem Integrations Tools

Featured Resource

Reducing Third Party Risk Using Passive DNS Data

This joint whitepaper between LookingGlass Cyber Solutions and Farsight examines how continuous monitoring, specifically using Farsight passive DNS data, can help identify infrastructure vulnerabilities in third-party vendors.
Download

Blog Solutions Upcoming Events
Community

Farsight Community

Overview Community Tools Farsight Labs Data Sharing Technical Content Research Grant Requests

Featured Resource

Discover Hidden Clues with Farsight DNSDB^®

In this eBook, take a deep dive into DNS and learn how to discover previously hidden digital artifacts and advance your cyber investigations.
Download eBook

Blog Solutions Upcoming Events
Company

Farsight Overview

Company
About Jobs Contact Us

News & Events
Overview News Events Press Releases 5 Questions Newsletters

Featured Resource

Using Farsight Passive DNS for Incident Response

In this eBook, explore how Farsight Security's real-time and historical passive DNS solutions can be used throughout the four phases of the NIST incident response lifecycle.
Download eBook

Coronavirus (COVID-19) Information

Blog Solutions Upcoming Events

Introducing DNSDB 2.0

Now Available

A message from our CTO about DNSDB 2.0

DNSDB^® Flexible Search: An Introduction - with Daniel Schwalbe
Download Presentation Slides

Deep Dive into DNSDB 2.0 - with Dr. Paul Vixie

DNSDB 2.0 - Introducing Flexible Search

DNSDB has been expanded to include regular expression and glob search capabilities. Now you can search using natural language keywords or include wildcards in your search.

Check out our DNSDB 2.0 Search Cheat Sheet for tips and tricks on how to use DNSDB Flexible Search with regular expressions and globbing.

See more DNSDB Webinars

Plug into the World’s Largest DNS Intelligence Solution: DNSDB^®

The internet relies heavily on the DNS, and criminals are not exempt. DNSDB exploits the fact that cyber criminals share and reuse resources.

DNSDB is a Passive DNS (pDNS) historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure DNSDB leverages the richness of Farsight’s Security Information Exchange (SIE) data-sharing platform and is engineered and operated by leading DNS experts.

DNSDB Details

Farsight collects Passive DNS data from its global sensor array. It then filters and verifies the DNS transactions before inserting them into the DNSDB, along with ICANN-sponsored zone file access download data. The end result is the highest-quality and most comprehensive Passive DNS data service of its kind - with more than 100 billion DNS records since 2010.

Farsight’s DNSDB transforms threat feeds into actionable, relevant threat intelligence in real time to increase the value of an organization’s existing threat intelligence. Its high-performance, indexed, time-series DNS intelligence data service can ultimately improve visibility for an organization’s security program and protect its infrastructure from current and future threats.

Farsight’s DNSDB is built for ease of use. Chain and pivot capabilities allow security teams to easily swing from one query to another. Time fencing, output tailoring and limiting of record types are among the capabilities that enable investigators to access the exact results they need. DNSDB queries can be automated into existing workflows through a RESTful API, web-enabled UI and integration with security incident and event management solutions, security automation solutions and threat intelligence platforms.

Eliminate DNS Blind Spots

View Internet infrastructure see how adversaries have “rolled” through related domains, IP addresses and name servers to conceal their activity.

Stop Phishing, Malware, and Ransomware Earlier

Proactively defend your organization from sophisticated cybersecurity threats.

Minimize Risk

Access real-time and historical Passive Domain Name System (pDNS) data to block your infrastructure from being used by bad actors.

DNSDB Access Methods

DNSDB API

Farsight Security’s API Key portability program lets you unlock the power of DNS intelligence across dozens of SIEM, Orchestration, Automation and Threat Intelligence Platforms that already support Farsight's DNSDB RESTful API

Features & Benefits

Ability to search RRname, RRdata, and by IPv4 or IPv6 address or address block
Support for whole-label left-hand-side or right-hand-side domain name wildcards
Support for IP range or CIDR prefix RRdata searches
Able to return up to a million results per query

Purchase options

Purchase an annual subscription with queries / day limits
Queries / day limits from 1,000 queries per day up to Unlimited

DNSDB API - Enterprise Block Query

Delivers DNSDB API with a more flexible block quota and enterprise account management features.
Designed to accommodate intermittent and bursting usage patterns typical for investigations.
Includes Enterprise management such as the ability to assign additional user contacts, each receiving their own API key and allocate a split of the quota to each user and reallocate as necessary

Features & Benefits

All the benefits and functionality of a queries per day DNSDB API subscription
Flexible query usage with no daily query limits
Purchase additional quotas when needed
Rollover unused queries if you renew prior to subscription expiration
Add user contacts with individual API keys
Assign / manage block quota for each user

Purchase options

Purchase a large block of queries that can be utilized anytime within the annual subscription
No daily limits
Use only what your team needs and buy more when necessary
Minimum initial block quota is 100,000 queries
Add-on quota options start at 1,000 queries

DNSDB Export

An on-premise installation of DNSDB in your own environment or a hosted service

Features & Benefits

Full DNSDB Flexible Search functionality
Total query privacy
Ability to access data in an offline environment
Unlimited query volume
Minimize network latency
Fastest response time

Purchase options

Purchase an annual subscription with database synchronization updates occurring monthly, daily, or every minute

Want to learn more?

DNSDB Scout^®

A simple GUI for DNSDB within the Google Chrome Browser.

100

Queries / day

Free installation

Get DNSDB Scout

Request a Demo

Request a customized demo to see our data in action and discover how Farsight DNS Intelligence can help your security operations

Request demo

Accelerate Your Threat Defense Lifecycle

Accelerate incident research and post-breach analysis
Discover associations among threat actors and track and block their activity
Perform fact-based risk assessment of domain names and IP addresses
Uncover all domains using the same name server infrastructure used by a “known bad” domain
Reveal the IPs an adversary is using to conceal malicious activity and avoid takedowns
Conduct third-party audits of DNS configurations