See it Live: How RiskIQ Host Pairs Confirm the Lazarus Group Attacks
Get vast internet data sets and advanced analytics to hunt digital threats and defend your company’s digital footprint.
Get RiskIQ Community Edition
Malvertising increased 132% in 2016… Download RiskIQ’s 2016 Malvertising Report to see a breakdown of how threat actor methods are trending.
Get the Report
RiskIQ Best Practices Forum – Get the Most Out of Your RiskIQ Investment
Join us in San Diego April 11-13.
Security Intelligence Services
Enhance your understanding of an attack with historical resolution data
Give It a Test Drive
DNS works like a contact application for the Internet. Instead of having to remember IP addresses for all the websites you wish to access, DNS makes them available using domain names, which are easier to remember and less likely to change.
Passive DNS (PDNS) is a system of record that stores DNS resolution data for a given domain or IP address. This historical resolution dataset allows analysts to view which domains resolved to an IP address and vice versa.
Passive DNS data can provide analysts insight into how a particular domain name or IP address changes over time and enable them to identify other related domains/IP addresses. When researching a suspicious or malicious event, PDNS data can provide context to an attack or additional malicious domains/IP addresses.
Interested in enhancing and enriching your organization’s security operations and incident response activity even further? Then check out:
RiskIQ’s PassiveTotal API