Partner Datasheet

Partner Datasheet: Farsight

<h2 class="text-center">Farsight Security<sup>®</sup> DNS Intelligence</h2> <h4>Delivers Unmatched Visibility to Improve Threat Detection and Proactively Defend Against Cyberattacks</h4> <h3>Anomali and Farsight Joint Solution Features</h3> <ul> <li>Farsight Security offers real-time Passive DNS data as part of the Anomali APP Store, a marketplace for premium threat intelligence.</li> <li>When Anomali users identify a potential malicious IP address or domain name, they can—with a click of a button—purchase access to Farsight’s Passive DNS data to quickly investigate these digital artifacts to advance their investigations. <ul> <li>Access real-time and historical Passive DNS data from within the Anomali platform</li> <li>Enhance, enrich, and contextualize threat intelligence data to concentrate investigations</li> </ul> </li> </ul> <h3>Immediate Time-to-Value</h3> <ul> <li>Discover associations among threat actors and track and block their activity.</li> <li>Perform fact-based risk assessment of domain names and IP addresses.</li> <li>Uncover all domains using the same name server infrastructure used by a “known bad” domain.</li> <li>Reveal the IPs an adversary is using to conceal malicious activity and avoid takedowns.</li> </ul> <h2>Accelerate Incident Research and Post Breach Analysis</h2> <p>Anomali and Farsight Security recognize the value that threat intelligence sharing and collaboration plays in increasing the speed and accuracy of threat investigations.</p> <div class="row"> <div class="col-md-4"> <h4>Critical Intelligence</h4> <p>Contextualize, correlate and transform all of your threat and network data to increase the value of your security operations.</p> </div> <div class="col-md-4"> <h4>Flexible Deployments</h4> <p>Fast, scalable implementation onpremises and in the cloud.</p> </div> <div class="col-md-4"> <h4>Immediate Results</h4> <p>Improve the speed, accuracy and global view of your digital investigations for faster risk mitigation and prevention.</p> </div> </div> <h2><strong>Case Study</strong><br /> A New Threat From an Old Enemy</h2> <table style="width:100%"> <tbody> <tr> <td style="width:60px;vertical-align:top;"><img alt="" src="https://www.anomali.com/images/uploads/resources/challenge.png" style="width: 45px;" /></td> <td> <h3 class="nomargin">Challenge:</h3> <p>Incident Response teams discover new threat intelligence only to find that the threat has been around for months. The team needs to ‘turn back the clock’ and see if anyone in their organization previously visited the identified and/or associated sites and potentially compromised their network.</p> </td> </tr> <tr> <td style="width:60px;vertical-align:top;"><img alt="" src="https://www.anomali.com/images/uploads/resources/solution.png" style="width: 45px;" /></td> <td> <h3 class="nomargin">Solution:</h3> <p>By enriching Anomali data with Farsight Security’s DNSDB, Incident Responders can use historical DNSDB records to gain context and learn the footprint of the attacker’s DNS infrastructure. This will allow Responders to observe the attacker’s use of DNS to conceal their identity and uncover how employees have engaged with those sites.</p> </td> </tr> <tr> <td style="width:60px;vertical-align:top;"><img alt="" src="https://www.anomali.com/images/uploads/resources/benefit.png" style="width: 45px;" /></td> <td> <h3 class="nomargin">Customer Benefit:</h3> <p>Access to historical DNS enriches current threat data to quickly understand and respond to threats and security compromises.</p> </td> </tr> </tbody> </table> <h2><strong>Case Study</strong><br /> Proactively Detect and Isolate Advanced Threats</h2> <table style="width:100%"> <tbody> <tr> <td style="width:60px;vertical-align:top;"><img alt="" src="https://www.anomali.com/images/uploads/resources/challenge.png" style="width: 45px;" /></td> <td> <h3 class="nomargin">Challenge:</h3> <p>Threat Hunters map out the miscreant’s infrastructure in preparation for take down or discovering advanced threats.</p> </td> </tr> <tr> <td style="width:60px;vertical-align:top;"><img alt="" src="https://www.anomali.com/images/uploads/resources/solution.png" style="width: 45px;" /></td> <td> <h3 class="nomargin">Solution:</h3> <p>Historical DNS allows Hunters to map out the attacker’s infrastructure. By enriching Anomali data with Farsight Security’s DNSDB, Threat Hunters can learn the historical DNS mappings of the IP addresses, name servers, and mail servers associated with the attacker’s organization.</p> </td> </tr> <tr> <td style="width:60px;vertical-align:top;"><img alt="" src="https://www.anomali.com/images/uploads/resources/benefit.png" style="width: 45px;" /></td> <td> <h3 class="nomargin">Customer Benefit:</h3> <p>Tie related infrastructures to the attacker’s organization and see other related infrastructures to proactively detect and isolate advanced threats.</p> </td> </tr> </tbody> </table>