CHANNELS

Subscribe to the InfoTech eNewsletter

infoTECH News

TMCNet:  Farsight Security Announces New Technical Advancement In Fight Against Cybercrime

[June 23, 2014]

Farsight Security Announces New Technical Advancement In Fight Against Cybercrime

BOSTON --(Business Wire)--

FIRST Conference -- In a significant milestone in the fight against cybercrime, Farsight Security, Inc. will debut Newly Observed Domains (NOD), a new set of data solutions that provide real-time actionable insights on young domain names at the FIRST Conference in the Boston Park Plaza Hotel.

Founded by Internet pioneer and DNS thought leader Dr. Paul Vixie, Farsight today also announced that the company has emerged from stealth mode. Farsight closes the Threat Intelligence context gap with real-time Passive DNS solutions that provide valuable context information to prepackaged reputation and threat feeds e.g. IOCs, whitelists, and blacklists.

The Need For Domain Name Intelligence

Tens of thousands of new domain names are created every day -- many are used to facilitate spam or cybercrime. For example, Farsight's analysis of a relevant sample of recent spam has indicated that 10 percent of all spam uses domain names less than 10 minutes old. The recent increase of domain name registrations has made takedowns more difficult.

With NOD, security teams can obtain real-time actionable insights on the basis of the age of domain names. Using such insights on domain names either obtained from vendor-supplied threat feeds or through the normal course of data processing, network security teams can blockoutbound connections to newly minted domain names used by attackers; filter very new domain names, e.g. 5 minutes or less, to fight spam; and prevent brand dilution by taking action when new names appear on our real-time domain name broadcasts.

"At Farsight, we are leveraging our renowned DNS expertise to greatly improve the value of Threat Intelligence today. Many new domain names are hostile and used for nefarious purposes. NOD provides actionable insights into new domain names that can be used to validate or reveal previously unknown information about cyberthreats so immediate steps can be taken to protect Intellectual Property and other confidential assets," said Dr. Vixie.

The Speed of NOD

NOD leverages Farsight's real-time SIE Passive DNS telemetry feed and cross-references that data with its DNSDB, the industry's largest, most proven historical database of Passive DNS data. From the perspective of a 10-day sliding window of observation, NOD detects over 1 million newly active domains per day and validates that over 50,000 of those are newly configured to the perspective of the historical DNSDB database. Leveraging real-time Passive DNS data, NOD discovers newly configured domain names within 3 hours of registration (median time) compared to approximately 17 hours using other discovery methods, e.g. TLD Zone File Access.

Pricing and Availability

NOD solutions are available via subscription and have three delivery options:

  • Farsight SIE Broadcast Channels - a broad suite of real-time security telemetry delivery solutions, including SIE Remote Access (SRA), which can project streams of telemetry directly to subscribers' data centers
  • DNS Block List - special zone file containing domain age-related information, which can support very high query rates and readily integrated into SpamAssassin environments
  • DNS Response Policy Zones (RPZs) - DNS firewall rules implementing various thresholds of risk ranging from 5 minutes to 24 hours

To learn more about NOD and how it can help your organization, please contact sales@farsighsecurity.com.

About Farsight Security, Inc.

Today's Threat Intelligence lacks the context needed to be actionable. Founded in 2013 by Internet pioneer and DNS thought leader, Dr. Paul Vixie, Farsight Security, Inc. provides network security solutions that deliver that critical contextual information (the information documenting the network configuration of the threat and of the Internet surrounding the threat) to significantly increase the value of Threat Intelligence. Farsight real-time Passive DNS solutions include DNSDB, SIE and NOD. Current customers include large enterprises and leading security companies and researchers. The company is headquartered in San Mateo, California. To learn more about us, please visit http://www.farsightsecurity.com or follow us at LinkedIn, Twitter and Facebook.


[ InfoTech Spotlight's Homepage ]


blog comments powered by Disqus

FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter