Unleash the Power of DNS History for Unprecedented Threat Hunting
At Validin, we seek to make it as easy as possible to search for accurate, timely, and complete passive DNS about public networks for threat hunting and attack surface management. Over the last 6 months, the Validin team has worked tirelessly with security researchers and industry leaders to develop an infrastructure tracking and threat-hunting platform unlike any other, centered around our comprehensive DNS history. Today, after months of development, testing, and iteration with our pilot participants, we’re thrilled to announce the general commercial availability of our platform.
The internet constantly and rapidly evolves, making real-time threat-hunting tools essential for today’s cybersecurity practitioners. Detailed infrastructure history enables analysts and researchers to go back in time to understand changes and connections to related infrastructure. Detailed DNS history and associated context are crucial for understanding usage and intent and expanding knowledge of friendly and adversarial infrastructure.
“[The Validin] platform is already indispensable for context enrichment” - Cyber Security Analyst at a Financial Services Company
Introducing the Validin Platform
The Validin platform enables threat hunters to search with unprecedented ease and granularity, tying together DNS, open-source threat intelligence, endpoint response behaviors, and SSL certificates in one interface. This rich data enables analysts and researchers to quickly understand context, triage indicators, and extend knowledge of known infrastructure.
“Validin’s platform enables me to build analytics, search for dependencies and similarities, and identify coverage gaps for further improvement of network IOC detection.” - Mikhail Kasimov, Maltrail project
Key Benefits
Validin’s continuous measurement of the global DNS infrastructure provides high-resolution insight into the current state and more than 4 years of resolution history. With Validin, you can see when actors activate, change, or disable infrastructure.
Validin also supports pivoting across dozens of different fields and associations, so analysts can quickly find related connections and infrastructure across a wide assortment of techniques, tools, and technologies used by threat actors.
Additionally, Validin collects over 650 different open-source threat intelligence sources in the platform to provide immediate context for indicator searches. Validin can help analysts quickly understand if infrastructure is common or uncommon, known or unknown, so you can focus on the most relevant indicators.
Existing Research that Uses the Validin Platform
Validin’s platform has already been used to enrich threat-hunting investigations:
Uncovering DDGroup - A long-time threat actor
Infrastructure Analysis: LockBit 3.0
Getting Started
Interested? Sign up for our free community edition to get started.
Our commercial edition starts at $49 a month and scales to enterprises. See our pricing page for more details. Special pricing is available for researchers and students.
Contact us to learn more and follow us on Twitter for updates.