SAN MATEO, CA, October 20, 2015 - In a significant breakthrough in the fight against cybercrime, Farsight Security, Inc. announced today that its flagship product, DNSDB™, the world's largest database of Passive DNS information including domain, IP addresses and name server records, now provides real-time observations of the world's changing global DNS.
With a global sensor array, Farsight Security currently receives more than 200,000 observations per second illuminating the global DNS. In the past, it could often take up to an hour for these new observations to be received, de-duplicated, verified and indexed in DNSDB. With the significant investments in the infrastructure and underlying technology, Farsight's DNSDB customers can now get real-time changes in the same minute that they are first observed.
Since its founding in 2013, Farsight Security has improved the scale and scope of DNSDB. "Farsight believes that time is one thing no one ever has enough of. While an attack is in progress, responders have opportunities they will not have later on during the clean-up phase. We work continuously to pull delay out of our feeds, because any such delay becomes a shadow that threat actors can operate within, free of defense or observation or interference. By reducing the update latency on DNSDB, we make it possible for defenders to check for relationships between DNS objects at the front end, before an attack has progressed," said Farsight CEO Dr. Paul Vixie. "It's like being able to turn the lights on while the cockroaches are still in the middle of the room."
Over the last year, Farsight's DNSDB has been recognized as an essential tool for security related investigations and incident response teams. With over 150% customer growth this past year, Farsight has expanded into financial, healthcare, utilities, governmental and industrial markets. Real-time DNSDB was created to meet customer demand for a near instantaneous service to detect DNS related observations.
"The DNSDB dataset from Farsight Security has been incredibly useful on our research and product development of advanced analytical and machine learning techniques for detection of cyber-threats. With real-time DNSDB, not only can our data fidelity improve, but any organization can achieve immediate visibility to potential malware campaigns and create faster response and mitigation techniques to reduce organizational impact," said Alex Pinto, Chief Data Scientist of Niddel.
The Need for Real Time DNSDB
Criminals often create and discard thousands of domain names within minutes for phishing attacks and other methods to "fly below the radar" during cyberattacks. These domain names and IP addresses, however, can provide rich threat intelligence, from information when attackers entered a network to their motives and methods.
With more than 8 billion domains and hostnames collected since 2010 -- all indexed for easy searches -- DNSDB enables threat intelligence teams, security analysts and incident responders to search for specific hosts or subdomains within a domain and gain immediate insight into subordinate names living under the base domain.
DNSDB with real-time observations enable faster, more proactive detection. Farsight's threat intelligence information can now be leveraged in organizations to increase the level of protection from cyberattacks.
Use cases include:
Amplify the value of existing threat intelligence Confirmed threats can also be reviewed for known associates Assess threats for common IP infrastructure or other shared resources Detect domain hijacking of organization's domains as the hijacking is occurring Increase spam blocking effectiveness thru faster detection of associated spam domains Support incident response process with immediate, ground-truth DNS configuration data Significantly reduce false positives in Threat Intel Improve brand protection by identifying rogue uses of domain across TLDs
Pricing & Availability
Access to DNSDB is available as a subscription service. Farsight customers can take advantage of this real-time threat intelligence information immediately. To learn more about services, pricing and other information, please contact Farsight Security at [email protected] or call +1-650-489-7919. As always, Farsight remains committed to improving the safety of the Internet and will continue supporting law enforcement agents, academic researchers, and non-profit organizations with full or partial grants of our services.
About Farsight Security, Inc.
Farsight Security provides the world's largest real-time actionable threat intelligence information on how the Internet is changing, seeing more than 200,000 DNS-related observations per second. Leveraging proprietary technology that was purpose-built to manage the volume of data and real-time analyses, Farsight provides security teams with the Internet's view of an organization's web presence and how it is changing, whether those changes were made purposely, inadvertently, or maliciously. The world's most security conscious organizations use Farsight for their real-time threat intelligence information. For more information, please contact us through our website at https://www.farsightsecurity.com/ or follow us on LinkedIn, Twitter, and Facebook.