Farsight Security DNSDB® is the world’s largest DNS intelligence database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure. DNSDB leverages the richness of Farsight’s Security Information Exchange (SIE) data-sharing platform and is engineered and operated by leading DNS experts. Farsight collects Passive DNS data from its global sensor array. It then filters and verifies the DNS transactions before inserting them into the DNSDB, along with ICANN-sponsored zone file access download data. The end result is the highest-quality and most comprehensive DNS intelligence data service of its kind - with more than 100 billion DNS records since 2010.
Enhanced Configuration Management:
- Seamlessly configure your DNSDB Flex, DNSDB RData, DNSDB Summarize RData, DNSDB RRSet, and DNSDB Summarize RRSet actions with ease.
DNSDB Integration:
- Leverage DNSDB Rate Limit functionality for efficient DNS database querying, ensuring optimal performance.
Streamlined Playbooks:
- Utilize the power of DomainTools Iris Investigate in conjunction with Farsight pDNS.
- Investigate domains associated with incidents, enriching them with detailed whois and infrastructure insights.
- Access associated subdomains effortlessly through Farsight’s DNSDB.
- Subscription to DomainTools Iris Investigate and Farsight DNSDB API required for playbook execution.
Actionable Insights:
- Execute actions such as Investigate Domain and DNSDB RData seamlessly within your playbooks for comprehensive incident resolution.
Added the following actions:
Actions
-
Configuration
-
DNSDB Flex
-
DNSDB RData
-
DNSDB Summarize RData
-
DNSDB RRSet
-
DNSDB Summarize RRSet
-
DNSDB Rate Limit
Playbooks
-
DomainTools Iris Investigate With Farsight pDNS: Given a domain or set of domains associated with an incident, enrich the domain using the DomainTools Iris Investigate API, returning whois and infrastructure details. Subsequently retrieve associated subdomains from passive DNS information seen in Farsight’s DNSDB. DomainTools Iris Investigate and Farsight DNSDB API subscriptions are required to run this playbook. This playbook will use the following actions listed above:
-
Investigate Domain
-
DNSDB RData
The integration requires the Security Incident Response and Threat Intelligence products.