Farsight Security DNSDB App for Phantom Automates DNS Lookups To Improve Productivity, Speed and Accuracy For Cybersecurity Investigations
Farsight DNSDB Integration with the Phantom Security Automation and Orchestration Platform Enables Security Teams To Automate DNS Lookups At Machine Speed
Farsight Security, Inc., the world’s largest provider of real-time and historical DNS intelligence, today announced Farsight DNSDB App for Phantom to automate DNS lookups, at machine speed, as part of security teams’ workflow, to significantly improve the productivity, speed and accuracy of their digital investigations.
“Domain name abuse is a common technique in committing phishing and other cyberattacks so it is critical that security analysts gain insight into suspicious domains and IP addresses. As a leading provider of DNS intelligence, Farsight Security is a natural technical partner for Phantom. We are pleased to be able to offer our customers and community members access to Farsight’s robust DNSDB database,” said Rob Truesdell, Director of Product Management at Phantom.
Cybercriminals often create and discard thousands of domain names within minutes for phishing attacks and other methods to “fly below the radar” during cyberattacks. These domain names and related IP addresses can provide rich threat intelligence, from information when attackers entered a network to motives and methods.
The investigation of suspicious IP address or domains is a standard practice in security investigation. In the past this task was handled manually, taking 20 minutes or more of an analyst’s time per investigation. By leveraging the Phantom Security Automation and Orchestration Platform, Farsight DNSDB App for Phantom automates this critical task and reduces investigation time down to seconds. Through the Phantom App model and automation, Farsight DNSDB now seamlessly integrates with other incident response tasks so no alert ever goes untouched and investigations can advance quickly and accurately.
“Today’s security teams are facing numerous challenges, from staff shortages to numerous inbound threats. With the launch of Farsight DNSDB App for Phantom, Farsight and Phantom together successfully address these challenges by improving productivity and putting organizations at ease that security events are continuously being investigated, leading to a more secure business,” said Andrew Lewman, Chief Revenue Officer of Farsight Security, Inc.
Farsight DNSDB is the world’s largest historical database of Passive DNS data with more than 13 billion DNS observations collected since 2010 -- all indexed for easy searches. The Phantom Automation and Orchestration Platform is the “connective tissue” that integrates key security technologies and digitally codifies the workflows critical to any investigation.
Farsight DNSDB App for Phantom is currently available in two of Phantom’s most popular Playbooks: Phishing Playbook, which can be used to investigate and remediate phishing emails; and the Investigate Playbook, which queries several external reputation and intelligence services to enrich events in your data.
Phantom offers playbooks for investigation, threat hunting, and several others through the community playbook library at my.phantom.us. Users can easily pull playbooks from the Phantom Community Site or create their own visual workflows with the Playbook Editor.
Pricing and Availability
Farsight DNSDB App for Phantom is available now as part of the Phantom platform. To use the App, Phantom customers first must secure a license for DNSDB from Farsight Security at firstname.lastname@example.org .
About Farsight Security, Inc.
Farsight Security, Inc. provides the world’s largest real-time threat intelligence on changes to the Internet. Leveraging proprietary technology with over 200,000 observations/second, Farsight provides the Internet’s view of an organization and how it is changing purposely, inadvertently or maliciously. For more information on Farsight, please visit https://farsightsecurity.com.
Phantom, which was recognized as the most innovative company at the 2016 RSA Conference, automates and orchestrates key stages of security operations from prevention to triage and resolution; delivering dramatic increases in productivity and effectiveness. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating security operations. Focused on closing the security skills gap by enabling enterprise security operations to be smarter, faster and stronger; Phantom provides the flexibility to connect in-house and third-party systems into one open, integrated, and extensible platform. Phantom was founded by enterprise security veterans Oliver Friedrichs and Sourabh Satish who have helped propel companies like Symantec, Sourcefire, Cisco and others to success. For more information visit: http://www.phantom.us/and follow us @TryPhantom.
( Press Release Image: http://photos.webwire.com/prmedia/55541/207266/207266-1.jpg )
- Contact Information
- Karen Burke
- Media Contact
- Farsight Security, Inc.
This news content may be integrated into any legitimate news gathering and publishing effort. Linking is permitted.
News Release Distribution and Press Release Distribution Services Provided by WebWire.