Farsight Security to Debut Real-Time Security Data Innovations at RSA ConferenceFarsight Security to Debut Real-Time Security Data Innovations at RSA Conference
Farsight Security to introduce the industry’s first Newly Active Domains data feed together with SIE Batch, an easier way to consume real-time data via its Security Information Exchange platform
February 12, 2020
San Mateo, California, February 12, 2020, Farsight Security®, Inc., the world’s leading provider of DNS Intelligence, today announced significant enhancements to its flagship, Security Information Exchange (SIE) data-sharing platform to help security professionals measurably improve the prevention, detection and response of the latest cyberattacks. These enhancements include:
· Newly Active Domains: The industry’s first real-time DNS Intelligence data feed that reports domains as they resume activity on the Internet after a period of inactivity (10 days or more). This data is very useful to detect, block, and investigate domains used by threat actors who first acquire new or reuse expired domains, then establish a positive reputation for these domains for a period of time before using them for malicious activity.
· SIE Batch: A new easy-to-use and easy-to-integrate delivery method to access data from our powerful, proven real-time solutions – available via both API and a Web interface -- including Newly Observed Domains, DNS Changes and the newly added, Newly Active Domains, as well as high-value third-party data feeds including Darknet, Spam, Phishing URLS and DDoS Events, all available via the company’s flagship Security Information Exchange platform.
Farsight will demonstrate these technical enhancements to the Security Information Exchange at Booth 3338 South at the RSA® Conference, February 24th-28th, 2020 in San Francisco.
"Farsight was founded on the idea of observational security, and the Security Information Exchange (SIE) is at the heart of our business. We are proud how much of the Internet can indirectly be observed through SIE, on both the DNS-related channels and the other less well-known channels. Some SIE users have told us that their use-cases value completeness of data over the timeliness of real-time SIE streaming. So, with SIE Batch, we now have a way to deliver SIE channel information using reliable file transfers, which can be delayed but not damaged by network outages,” said Farsight Security CEO Dr. Paul Vixie. “Farsight will continue to innovate to put observations of Internet infrastructure and behaviour into the hands of responsible defenders, while continuing to avoid the collection of any PII (personally identifiable information). SIE Batch and Newly Active Domains are the next steps in that long journey.”
Farsight: A Pioneer of Real-Time DNS Data Solutions
Founded in 2013, Farsight Security recognized early on the importance of real-time data in cyber investigations. Farsight data provides unmatched fidelity, low latency, high performance and diverse geographic coverage. Below represent a small sample of Farsight’s SIE real-time data channels. For a complete list of SIE Channels, visit here.
NOD is a powerful tool to alert on a domain’s initial activity on the Internet. This real-time knowledge allows organizations to block inbound and outbound connections to these domains for, at least, the first 24 hours or until security teams have more intelligence.
React in real-time to new hostnames, or fully qualified domain names (FQDNs), when they are first observed. This real-time knowledge allows organizations to watch for and discover infringing domains and malicious host names targeting their users and customers.
Observe changes to domain name configurations, such as when a new domain is created or an existing domain moves to a new IP address, uses different name servers, or migrates to IPv6. This real-time knowledge on a host-by-host basis enables operational capabilities to detect domain hijacking and unexpected or unauthorized changes to DNS configuration.
Reports the domain names people are trying to resolve but cannot. This real-time knowledge includes all available data about unsuccessful DNS queries, including the SERVFAIL and REFUSED messages, that is otherwise difficult to obtain global perspective for the operational monitoring of name servers.
Leverages the “No Such Domain” responses delivered when failing to reach domains or hostnames. This real-time knowledge provides the ability to empirically characterize user mistakes, identify configuration errors, and collect potentially valuable brand protection opportunities with similar domain names.
Pricing & Availability
SIE Batch and Newly Active Domains will be available on February 24th, the first day of the RSA® Conference.
SIE Batch will be available to users who subscribe to one or more SIE Channels and can be purchased as either a standalone access method or as a complimentary access method to SIE Remote Access, SIE Lan and AXA-Rest.
Newly Active Domains will be available as a separate channel. To obtain pricing for Newly Active Domains or any other real-time channels available on the Security Information Exchange, please contact [email protected].
About Farsight Security, Inc.
Farsight Security, Inc. is the world’s largest provider of historical and real-time passive DNS data. We enable security teams to qualify, enrich and correlate all sources of threat data and ultimately save time when it is most critical - during an attack or investigation. Our solutions provide enterprise, government and security industry personnel and platforms with unmatched global visibility, context and response. Farsight Security is headquartered in San Mateo, California, USA. Learn more about how we can empower your threat platform and security team with Farsight Security passive DNS solutions at https://www.farsightsecurity.com/ or follow us on Twitter: @FarsightSecInc.
Director of Corporate Communications
Farsight Security, Inc.
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023