Passive DNS

Passive DNS

Passive DNS allows you to uncover patterns of malicious activity from networks across the world. Global threat data that’s a powerful boost to your SIEM and security analysis.

Start my free account

Builds a picture of potential threats across global networks

Continuous integration into existing SIEM and analytics tools

Global intelligence to secure your organization

What it is

Passive DNS is a constantly updated dataset showing in real-time which host names have been resolving to which IP addresses, and when. Data points are combined from around the world, giving you the power to build a picture of potential threats that cannot be seen from a single network.

A beginners guide to Passive DNS


How it works

Query the Passive DNS database via Deteque’s API to see domains and IP addresses which are suspects in Security & Incident Event Management (SIEM) investigations. Data sets can be further analyzed by users’ own tools to show whether these domains/IP addresses exhibit unusual or suspicious behaviour.

Deteque users can also receive data as a constant data feed, for continuous integration into existing SIEM and analytics tools and their own proprietary products.

Download the factsheet

Engage with us on

It's time to protect your organization

Start my free trial