
1. Introduction

Farsight Security’s flagship passive DNS database, DNSDB®, is reaching new heights with a host of powerful new features. Today we’re announcing DNSDB 2.0: DNSDB’s 10th Anniversary gift to security professionals, threat hunters, and researchers everywhere, offering brand new ways to search over 100 billion DNS records.

General Availability for DNSDB 2.0 is scheduled for October 20th.

2. Lightning Meets Quick

DNSDB already held the crown as the fastest passive DNS resource out there, but now DNSDB will be even faster than before. The new DNSDB 2.0 API architecture is able to return results more quickly than ever, enabling faster threat response speeds for even the broadest queries. Time is always of the essence, and DNSDB 2.0’s agility will ensure you have more time to dedicate to other aspects of your investigation.

DNSDB 2.0 introduces Flexible Search support, unlocking both Regular Expression and Globbing syntaxes for more granular and accurate search results. Previously, DNSDB queries were unable to contain metacharacters, groupings, repetitions, and other pattern matching values – Flexible Search bakes all of these techniques right in. If you’ve ever wanted to use DNSDB for brand and generic term searching, now you can.

For a deep dive on how to use these searching techniques, head on over to “What’s A Regular Expression?” and “What is Globbing?”.

4. New to the Toolbox

If you’re already familiar with dnsdbq, you’ll make quick friends with dnsdbflex – a new command-line tool that will enable DNSDB 2.0 in the comfort of your terminal.

DNSDB Scout will sport a fresh look to enable the new DNSDB 2.0 functionality, too. Take it for a spin in your favorite browser on release day, October 20th:

Figure 1 (above): Keyword searches are supported in Flexible Search. In this example, a search for “bank” yields many results.

Figure 2 (above): More complex searches like this are now possible. This example search looks for RRNames that resemble mail server CNAMEs containing numbers and excludes results starting with “www”.

The new features found in DNSDB 2.0 were made possible by a new API revision. Head on over to the new API documentation for details on how to use the new API. Support for the original API will remain for a long time to come.

5. Happy Threat Hunting!

We’re thrilled to announce that all DNSDB 2.0 functionality will be available for all DNSDB account and Trial API key holders on release day, free of additional charge. Get in touch with your sales representative for more details.

On the approach to release day, we’ll be publishing new feature walkthroughs and example showcases on our blog. Additionally, we will be doing our first demo of DNSDB 2.0 on September 9th; register here to access the on-demand video when it becomes available. Keep an eye there for more details!

For more information about becoming an API trial user or a DNSDB customer to gain unrestricted access to the DNSDB 2.0 API, please fill out the form on our Order Services page or get in contact with our Sales Team at [email protected].

Tyler Wood is a Software Toolmaker with Farsight Security®, Inc.