Passive DNS data provides you with increased visibility across the internet infrastructure. This simple to use and effective investigation tool speeds up cyber research and investigations.Get started
Build a picture of potential threats across global networks
Integrates with security & analytics tools
Identify fake & fraudulent brands online
Modern IT encompasses an eco-system of cloud services, supply chain infrastructure, hybrid hosting and more…a world where risks and dependencies can easily be hidden. Passive DNS uncovers connections and allows for better risk mitigation and more informed decisions about services being used.
A brand is only as good as its online reputation and the proliferation of TLDs (there are currently more than 1,000) has meant an explosion in spoofed and faked brands. domains. The rise in mobile devices and messaging Apps has also made it easier for criminals to use lookalike domains to trick users because they are harder to spot on smaller screens. Passive DNS identifies lookalike and fake domains with ease.
Millions of domains are generated annually and the constant increase in the number of TLDs means that there is a huge amount of data to track and record.. However Deteque’s Passive DNS cluster handles more than 200 million DNS records per hour and stores hundreds of billions of record per month, allowing you to search this vast database easily.
Passive DNS is a constantly updated dataset showing in real-time which host names have been resolving to which IP addresses, and when. Data points are combined from around the world, giving you the power to build a picture of potential threats that cannot be seen from a single network.
Query the Passive DNS database via Deteque’s web interface or API to see domains and IP addresses which are suspects in Security & Incident Event Management (SIEM) investigations. Data sets can be further analyzed by users’ own tools to show whether these domains/IP addresses exhibit unusual or suspicious behavior. Deteque users can also receive data as a constant data feed, for continuous integration into existing SIEM and analytics tools and their own proprietary products.
Investigate domains or IP addresses that have raised suspicion, and find out if it is
a single malicious IP or a complex multilayered operation.
Using Passive DNS for Security Professionals
Intellectual Property and marketing specialists who need to identify misuse or spoofing of a brand or trademark. Passive DNS identifies shadow domains, typo squatting, spoofed domains/websites, noting when they have been active and how they are associated with other domains.
Using Passive DNS for Brand Protection
Can search for all the DNS records relating to the subnets of domains under investigation and any infrastructure interest. Use Passive DNS to drill down into the newly discovered networks.
Using Passive DNS for Penetration Testers
Ease the burden on Malware Researchers by reducing the need for complex reverse
engineering when dealing with malware.
Using Passive DNS for Malware Researchers
Ideal for users with very low query volumes and limited budget.
Ideal for individuals with low to medium query volume requirements, including Pen Testers & Security Researchers.
Ideal for subject matter experts and businesses with medium to high usage requirements with access to full features. Includes Security, Research and Brand Protection teams.
|EnterpriseContact us for
Ideal for companies intending to integrate Passive DNS data into their products.
|Max queries per month||200||1,500||20,000||200,000|
|Max queries per day||20||100||1,000||10,000|
|i Exact match||Yes||Yes||Yes||Yes|
|i Left match||-||-||Yes||Yes|
|i Right match||Yes||Yes||Yes||Yes|
|i Word match||-||-||Yes||Yes|
|i Fuzzy match||-||-||Yes||Yes|
|i Internationalized domain name search||-||-||Yes||Yes|
|i First seen||-||-||Yes||Yes|
|i Last seen||Yes||Yes||Yes||Yes|
|i Real-Time Data Feeds||-||-||-||Negotiable|
Start your service, no credit card required
Sign up for a free account first and then upgrade via the portal
|30 day free trial
30 day free unrestricted access to all our advanced features with no credit card required
We will put together a personalized subscription based on your business needs
Deteque utilises Passive DNS data from Spamhaus, which is collected across the internet globally, from trusted third parties including hosting companies, enterprises, business & ISPs. We have 20 year track record of being a trusted third party and so our data is not just received from a narrow group of providers.
Data received from subscribers contains no Personally Identifiable Information (PII) so that there is no compromise of organizational, customer or employee data. All data is transported to Deteque with encryption in place. Passive DNS does not store which client (or person) made a query, just the fact that at some point in time, a domain has been associated with a specific DNS record . This ensures that privacy is maintained throughout the system.
Yes. Sign up for our 30 day free trial for the 'Pro' subscription to discover the full search capabilities Passive DNS offers. No credit card details are required, and if you don't want to continue with this plan you can move to the free Basic account at the end of the trial.