Passive DNS allows you to uncover patterns of malicious activity from networks across the world. Global threat data that’s a powerful boost to your SIEM and security analysis.Start your free trial
Passive DNS is a constantly updated dataset showing in real-time which host names have been resolving to which IP addresses, and when. Data points are combined from around the world, giving you the power to build a picture of potential threats that cannot be seen from a single network.
Query the Passive DNS database via Deteque’s API to see domains and IP addresses which are suspects in Security & Incident Event Management (SIEM) investigations. Data sets can be further analyzed by users’ own tools to show whether these domains/IP addresses exhibit unusual or suspicious behaviour.
Deteque users can also receive data as a constant data feed, for continuous integration into existing SIEM and analytics tools and their own proprietary products.Download the factsheet