Farsight Security

Updated 2 years ago by TruSTAR

This document explains how to set up the Farsight Security premium intelligence source in the TruSTAR platform.

Farsight Security’s DNSDB™ is a Passive DNS historical database that provides a unique, fact-based, multi-faceted view of the configuration of the global Internet infrastructure. DNSDB leverages the richness of Farsight’s Security Information Exchange (SIE) data-sharing platform and is engineered and operated by leading DNS experts.

  • Source Type: Premium Intel
  • Update Type: Query-based
  • Time to Install: 10 minutes

Observables Supported

  • IP (both IPv4 and IPv6)
  • URL
  • Domain (extracted from the URL)


  • A subscription to Farsight Security DNSDB.
  • A Farsight Security DNSDB API key.
TruSTAR Admin rights are required to activate this Premium Intelligence feed.

Getting Started

  1. Log into the TruSTAR Web App.
  2. Click the Marketplace icon on the left side navigation bar.
  3. Click Premium Intel to view the feeds available.
  4. Click Subscribe on the Farsight Security box.
  5. Enter your Farsight Security API key and click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

Known Issues

No reported issues.

Please contact support@trustar.co if you have issues with this integration.

How Did We Do?