DNSDB 2.0 transforms threat feeds into relevant threat intel in real time - Help Net Security

DNSDB 2.0 transforms threat feeds into relevant threat intel in real time - Help Net Security

Farsight Security introduced DNSDB 2.0, which enables security professionals to identify and map domain names and IP addresses associated with bad actors or used in malicious infrastructures, brand infringement campaigns, phishing schemes, ransomware and other cybercrime.

“My team and I set out in 2008 to build the biggest and most diverse surveillance-free observational network, and, in 2010, to build the highest fidelity and highest performing passive DNS database – and we have. We launched Farsight Security as a new company to pursue this work seven years ago, in 2013, and today we are the best in the business,” said Paul Vixie, CEO.

“But we always knew that providing accurate and relevant answers to exact questions was only the beginning, and so we’ve been working on Flexible Search and other features that let us provide relevant answers to approximate, inexact questions. In DNSDB 2.0, we can help investigators find DNS patterns of interest to them even if they don’t know exactly what they’re looking for. This will open a whole new echelon of use cases for our passive DNS technology suite, and we can’t wait to put DNSDB 2.0 into the hands of defenders and investigators to usher in the next era of observational security practices.”

With more than 100 billion DNS observations, DNSDB is the industry standard in historical passive DNS. Traditionally, DNSDB has offered only exact matches, or full-label front or back wildcard searches, such as “*.example.com” or “example.*” DNSDB 2.0 adds new flexible search functions so users can better find – and filter out – only the data they need.

Users of DNSDB can now:

Easily find look-alike domain names used for phishing attacks against their brands
Identify patterns ..