Monitor domains in real-time Farsight Security Domain Sentry

The Security Challenge

Criminals Easily Manipulate the DNS

Cybercriminals manipulate the Domain Name System (DNS) to leverage Advanced Persistent Threats (APT) and commit fraud on otherwise secure domains. Preventing cybercrime on domains is essential to safeguarding not only the people using them, but also the intellectual property at the core of every organization.

With the Farsight Security Domain Sentry solution, organizations can easily make always-on DNS monitoring part of their security shield to protect and support their partners, customers, and employees.

The Farsight Solution

Domain Sentry

Actionable Intelligence

Domain Sentry monitors in real-time your organization’s domains and IP addresses to ensure appropriate usage. If there is a deviation from a specified domain-IP relationship, Domain Sentry will send an alert with enclosing context. The intelligence Domain Sentry makes available to a security team arms their activities and can prevent breaches to the domains and IP addresses under an organization’s stewardship.

Domain Sentry helps you prevent breaches in domain security by:

  • Reporting instances when your organization’s domains resolve outside of your predefined IP address space. This behavior can indicate domain hijacking or other criminal activity.
  • Reporting any unidentified domains that resolve inside your predefined IP address space. This behavior can indicate compromised hosts or other criminal activity.
“Farsight’s SIE platform is the most complete real‑time security telemetry of its kind.”

Alex Pinto
Chief Data Scientist MLSec Project

The Muscle Behind Domain Sentry

Domain Sentry monitors in real-time the Farsight Security Information Exchange (SIE) platform for your specified domains and IP addresses. Organizations set their pre-defined parameters in Domain Sentry to monitor the relationship between specific domains, IP addresses, and DNS record types. Domain Sentry reports on global changes when existing domains purposely, inadvertently, or maliciously deviate.

When such activities occur, an alert is triggered and the data surrounding the specific event is sent to an organization.

Farsight SIE is a highly scalable data‑sharing platform which collects data and issues security alerts in real time. Using data collected from Farsight’s global sensor array, SIE streams more than 200,000 observations per second offering immediate access to worldwide real-time data.

This eliminates the need for an organization to develop or deploy its own data collection infrastructure. With access to SIE data, security professionals can more accurately identify, map, and protect their networks from cybercrime activity.