We believe that creating and investing in an ecosystem of technology partners is imperative in delivering better business outcomes for our customers. Sharing threat intelligence and insights across ISACs, ISAOs, and other communities also depend on this collaboration.
<p>As mentioned in our <a href="https://www.anomali.com/blog/introduction-to-passive-dns-usage-in-threatstream">previous blogpost</a> on passive DNS (PDNS), ThreatStream recently added passive DNS to its Optic™ Platform. Passive DNS is a technique for capturing, storing, and indexing DNS queries and responses to enable forensic search, discovery, and analysis over historic DNS records. It enables analysts to expose relationships between domain names and IP addresses that would be very difficult if not impossible to determine otherwise.</p><p><span style="line-height: 1.6;">In the videos below, we discuss two use cases that outline how passive DNS can be useful for security/forensics investigations on network Indicators of Compromise (IOCs).</span></p><p>Using Passive DNS in ThreatStream to Detect Domain Parking</p><p><iframe allowfullscreen="" frameborder="0" height="281" mozallowfullscreen="" src="https://player.vimeo.com/video/122595836" webkitallowfullscreen="" width="500"></iframe></p><p>Using Passive DNS in ThreatStream to Detect Dynamic Threats</p><p><iframe allowfullscreen="" frameborder="0" height="281" mozallowfullscreen="" src="https://player.vimeo.com/video/122595835" webkitallowfullscreen="" width="500"></iframe></p><p>How can this help you? Click <a href="https://ui.threatstream.com/registration/">here</a> to get a free account...</p>
Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox
Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.