This document explains how to set up and use the Farsight Security premium intelligence source with the TruSTAR Web App.
Farsight Security’s DNSDB™ is a Passive DNS historical database that provides a unique, fact-based, multi-faceted view of the configuration of the global Internet infrastructure. DNSDB leverages the richness of Farsight’s Security Information Exchange (SIE) data-sharing platform and is engineered and operated by leading DNS experts.
- Source Type: Premium Intel
- Update Type: Query-based
- Time to Install: 10 minutes
The integration pulls these Observables from Farsight:
- IP (both IPv4 and IPv6 are supported)
- Domain (extracted from the URL)
- A subscription to Farsight Security DNSDB.
- A Farsight Security DNSDB API key.
- Log into the TruSTAR Web App.
- Click the Marketplace icon on the left side navigation bar.
- Click Premium Intel.
- Click Subscribe on the Farsight Security box.
- Enter your Farsight Security API key and click Save Credentials & Request Subscription.
TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.
TruSTAR Report Mapping
<IOC Type> <IOC Value>
Encoded value of <Report Title>
Full JSON response
No reported issues.
Please reach out to firstname.lastname@example.org if you have issues with this integration.