Passive DNS allows you to uncover patterns of malicious activity from networks across the world. Global threat data that’s a powerful boost to your security analytics and online brand protection.
Build a picture of potential threats across global networks
Integrates with security & analytics tools
Identify fake & fraudulent brands online
Modern IT encompasses an ecosystem of cloud services, supply chain infrastructure, hybrid hosting and more: a world where risks and dependencies can easily be hidden. Passive DNS uncovers connections and allows for better risk mitigation and more informed decisions about services being used.
A brand is only as good as its online reputation, and the proliferation of TLDs (there are currently more than 1,000) has meant an explosion in spoofed and faked brand domains. The rise in mobile devices and messaging apps has also made it easier for criminals to use lookalike domains to trick users, because they are harder to spot on smaller screens. Passive DNS identifies lookalike and fake domains with ease.
Millions of domains are generated annually, and the constant increase in the number of TLDs means that there is a huge amount of data to track and record. However, Deteque’s Passive DNS cluster handles more than 200 million DNS records per hour and stores hundreds of billions of records per month, allowing you to search this vast database easily.
Passive DNS is a constantly updated dataset showing in real time which host names have been resolving to which IP addresses, and when. Data points are combined from around the world, giving you the power to build a picture of potential threats that cannot be seen from a single network.
Query the Passive DNS database via Deteque’s web interface or API to see domains and IP addresses which are suspects in Security & Incident Event Management (SIEM) investigations. Data sets can be further analyzed by users’ own tools to show whether these domains/IP addresses exhibit unusual or suspicious behavior. Deteque users can also receive data as a constant data feed, for continuous integration into existing SIEM and analytics tools and their own proprietary products.
Investigate domains or IP addresses that have raised suspicion, and find out if it is a single malicious IP or a complex multilayered operation.
Using Passive DNS for Security Professionals
Intellectual Property and marketing specialists who need to identify misuse or spoofing of a brand or trademark. Passive DNS identifies shadow domains, typosquatting and spoofed domains/websites, noting when they have been active and how they are associated with other domains.
Using Passive DNS for Brand Protection
Penetration testers can search for all the DNS records relating to the subnets of domains under investigation and any infrastructure of interest. Use Passive DNS to drill down into the newly discovered networks.
Using Passive DNS for Penetration Testers
Ease the burden on Malware Researchers by reducing the need for complex reverse engineering when dealing with malware.
Using Passive DNS for Malware Researchers
|Max queries per month||200||1,500||20,000||200,000|
|Max queries per day||20||100||1,000||10,000|
|Advanced search and ‘first-seen’ feature|
|Ideal for?||Testing & Evaluation||Penetration testers||SMEs reading constant daily usage||Companies intending to integrate Passive DNS data into their products|
Start your service, no credit card required
Price is US$ per month
Real Time data feeds: Ideal for security teams performing multiple investigations across complex networks, constant monitoring for Brand and Intellectual Property protection.
Contact us to discuss your requirements
Deteque utilises Passive DNS data from Spamhaus, which is collected across the internet globally, from trusted third parties including hosting companies, enterprises, businesses & ISPs. We have a 20-year track record of being a trusted third party, and so our data is not just received from a narrow group of providers.
Data received from subscribers contains no Personally Identifiable Information (PII), so there is no compromise of organizational, customer or employee data. All data is transported to Deteque with encryption in place. Passive DNS does not store which client (or person) made a query, just the fact that at some point in time, a domain has been associated with a specific DNS record. This ensures that privacy is maintained throughout the system.
There’s a free entry-level service to get started, so it can be tested first before upgrading to a paid-for service with greater features.