In this three-parts webinar series [Farsight Security](https://www.farsightsecurity.com/) and [CIRCL](https://www.circl.lu/) will provide an overview of Farsight’s Passive DNS data, how historical Passive DNS objective observations can be used to uncover malicious activities going back in time. Using practical use cases, we will then demonstrate how to gather the same evidence using Farsight passive DNS module from within MISP platform, and share the findings with the community. We will leave plenty of time for you to follow the steps we demonstrate, as well as ask questions.
Bad actors can create, use, and discard domain names for malicious campaigns within minutes. Starting with a single suspicious domain or IP address, security professionals can use historical Passive DNS to gain previously unknown information about related DNS assets to help identify the infrastructure used in cyberattacks to enable organizations to more quickly respond and protect against fast-moving online threats, ranging from phishing to nation-state attacks.
In this webinar, Farsight Security will provide an introduction to Passive DNS and popular use cases for threat hunting, brand protection and other cybersecurity-related activities. In addition, we will provide an overview of MISP – a powerful open-source threat sharing platform for sharing, storing and correlating Indicators of compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information. Then, we will demonstrate how [Farsight DNSDB](https://www.farsightsecurity.com/solutions/dnsdb/), integrated with MISP, can advance your cyber investigations.
### Farsight DNSDB and MISP: Exploring Real-World Use Cases to Advance Cyber investigations Part II – WALK
In Part I of our three-party webinar series, we provided an introduction to using Passive DNS for threat hunting as well as an overview, including an overview of Farsight DNSDB, the world’s largest historical passive DNS database and MISP, a powerful open-source threat sharing platform for sharing, storing and correlating Indicators of compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information. In Part Two of this three-part webinar series, we will share several real-world examples using both Farsight DNSDB and MISP in your investigations.
### Farsight DNSDB and MISP: Advanced Threat Hunting Techniques Part III – RUN
In Part II of this three-part webinar series, we shared several real-world examples how you can use the combined power of both Farsight DNSDB and MISP in your investigations.
In Part III of this three-part webinar series, we will take a deep dive into a well-known incident of the past, the 2013 New York Times compromise using the combined power of Farsight DNSDB and MISP. In this example, we will show how you can use passive DNS data to investigate events that have occurred long time ago, even if for a short period of time. We’ll show you how to look for common patterns to identify similarities in Tactics, Techniques and Procedures (TTPs) of the malicious actors.