Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

11:00 AM
Dark Reading
Dark Reading
Products and Releases

Farsight Security Unveils World's First Real-Time Passive DNS Database Security Analysts Can Now Get Real-Time Observations of the Changing Global DNS

SAN MATEO, CA, October 20, 2015 - In a significant breakthrough in the fight against cybercrime, Farsight Security, Inc. announced today that its flagship product, DNSDB™, the world's largest database of Passive DNS information including domain, IP addresses and name server records, now provides real-time observations of the world's changing global DNS.

With a global sensor array, Farsight Security currently receives more than 200,000 observations per second illuminating the global DNS. In the past, it could often take up to an hour for these new observations to be received, de-duplicated, verified and indexed in DNSDB. With the significant investments in the infrastructure and underlying technology, Farsight's DNSDB customers can now get real-time changes in the same minute that they are first observed.

Since its founding in 2013, Farsight Security has improved the scale and scope of DNSDB. "Farsight believes that time is one thing no one ever has enough of. While an attack is in progress, responders have opportunities they will not have later on during the clean-up phase. We work continuously to pull delay out of our feeds, because any such delay becomes a shadow that threat actors can operate within, free of defense or observation or interference. By reducing the update latency on DNSDB, we make it possible for defenders to check for relationships between DNS objects at the front end, before an attack has progressed," said Farsight CEO Dr. Paul Vixie. "It's like being able to turn the lights on while the cockroaches are still in the middle of the room."

Over the last year, Farsight's DNSDB has been recognized as an essential tool for security related investigations and incident response teams. With over 150% customer growth this past year, Farsight has expanded into financial, healthcare, utilities, governmental and industrial markets. Real-time DNSDB was created to meet customer demand for a near instantaneous service to detect DNS related observations.

"The DNSDB dataset from Farsight Security has been incredibly useful on our research and product development of advanced analytical and machine learning techniques for detection of cyber-threats. With real-time DNSDB, not only can our data fidelity improve, but any organization can achieve immediate visibility to potential malware campaigns and create faster response and mitigation techniques to reduce organizational impact," said Alex Pinto, Chief Data Scientist of Niddel.

The Need for Real Time DNSDB

Criminals often create and discard thousands of domain names within minutes for phishing attacks and other methods to "fly below the radar" during cyberattacks. These domain names and IP addresses, however, can provide rich threat intelligence, from information when attackers entered a network to their motives and methods.

With more than 8 billion domains and hostnames collected since 2010 -- all indexed for easy searches -- DNSDB enables threat intelligence teams, security analysts and incident responders to search for specific hosts or subdomains within a domain and gain immediate insight into subordinate names living under the base domain.

DNSDB with real-time observations enable faster, more proactive detection. Farsight's threat intelligence information can now be leveraged in organizations to increase the level of protection from cyberattacks.

Use cases include:

Amplify the value of existing threat intelligence Confirmed threats can also be reviewed for known associates Assess threats for common IP infrastructure or other shared resources Detect domain hijacking of organization's domains as the hijacking is occurring Increase spam blocking effectiveness thru faster detection of associated spam domains Support incident response process with immediate, ground-truth DNS configuration data Significantly reduce false positives in Threat Intel Improve brand protection by identifying rogue uses of domain across TLDs

Pricing & Availability

Access to DNSDB is available as a subscription service. Farsight customers can take advantage of this real-time threat intelligence information immediately. To learn more about services, pricing and other information, please contact Farsight Security at [email protected] or call +1-650-489-7919. As always, Farsight remains committed to improving the safety of the Internet and will continue supporting law enforcement agents, academic researchers, and non-profit organizations with full or partial grants of our services.


About Farsight Security, Inc.

Farsight Security provides the world's largest real-time actionable threat intelligence information on how the Internet is changing, seeing more than 200,000 DNS-related observations per second. Leveraging proprietary technology that was purpose-built to manage the volume of data and real-time analyses, Farsight provides security teams with the Internet's view of an organization's web presence and how it is changing, whether those changes were made purposely, inadvertently, or maliciously. The world's most security conscious organizations use Farsight for their real-time threat intelligence information. For more information, please contact us through our website at https://www.farsightsecurity.com/ or follow us on LinkedIn, Twitter, and Facebook.




Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-01-20
The store system in PrestaShop allows time-based boolean SQL injection via the module=productcomments controller=CommentGrade id_products[] parameter.
PUBLISHED: 2021-01-20
Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token in the cookie against a CSRF token that is stored in the session. An attacker does not even need to p...
PUBLISHED: 2021-01-20
This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection.
PUBLISHED: 2021-01-20
A stored Cross-Site Scripting (XSS) vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role (Administrator, Editor, etc.).
PUBLISHED: 2021-01-20
XWiki 12.10.2 allows XSS via an SVG document to the upload feature of the comment section.