The Farsight DNSDB for Splunk App gives organizations like yours broader analysis and investigation capabilities. The primary goal of the application is to add contextual information and situational awareness from DNSDB to your existing event data. DNSDB is the most comprehensive historical database of passive DNS data about how IPs, domains, and Internet infrastructure are interconnected and have evolved.

By augmenting your organization's internal information with real-time Internet infrastructure information, your team will have better visibility for the detection, identification and analysis of threats and adversary infrastructure and capabilities. Your team is able to click on any IP or domain in Splunk to generate a DNSDB query to learn about its history and related infrastructure. You can also add this capability to your existing workflow to automatically generate the query and populate the contextual information.

Farsight Security DNSDB is the world's largest DNS intelligence database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure. DNSDB is used by security teams to qualify, enrich and correlate cyberattack data such as IP addresses and domains to save time during investigation and remediation. Farsight collects Passive DNS data from its global sensor array, with more than 100 billion domain resolution records, updated in real time at over 200,000 times/second.

For further information, please visit www.farsightsecurity.com or contact sales at sales@farsightsecurity.com.