SecurityTrails was founded in 2017 by CEO Chris Ueland, formerly the CEO of MaxCDN. The company has twelve employees and is growing. Its customers include PricewaterhouseCoopers and Microsoft. Its stated mission is to “make the biggest treasure-trove of cyber intelligence data readily available in an instant” in order to help cybersecurity experts combat future attacks “with up-to-date data, proprietary tools, and custom solutions”.
SecurityTrails currently offers one product, Forensics API, and will soon be adding more features, specifically API Feeds and Site Explorer. One of its long-term goals is for other companies to build their own products on the APIs that SecurityTrails shares. This drives its efforts to provide immediate, relevant information that can be depended upon.
In Forensics, you can search via a domain name and find a great deal of information about that domain, including all the WHOIS information on record, which website technology was used to build it and historical data for many kinds of records. Using passive DNS, you can find all the subdomains on record. You can then scroll through them, or search by specific subdomain. To dig deeper into a domain, you can see which records are behind a specific IP address.
SecurityTrails currently tracks over 200 million domains and 1,000 technologies, receives one billion passive DNS datasets per month, and is adding more features, such as full API and site explorer. SecurityTrails wants to make it straightforward for interested parties to leverage this data in a simple yet comprehensive way. The company describes its mission as “making the incomprehensible, comprehensible” and “the inaccessible, accessible”.
The goal behind the company is to leverage the huge amount of data available on the Internet, which can be used for many purposes:
- Cyber forensics – track suspicious changes to DNS records
- Threat hunting – observe command and control servers and identify the latest malware
- Online fraud & crime investigation – research fraudulent and criminal activity
- Powering reputation scoring systems – know what domains and IPs bad actors use
- Brand protection – find out if your brand’s copyright or trademark is being used on spoof domains
- Domain security – use reputation scoring and indexed intel to help make your site more secure
- Aid in corporate decision-making, for instance during M&As – find out an entity’s online assets and hidden details
The company has also laid out its goals in its Product Manifesto: to make a product that fills a gap in the market, and does so in a way that emphasizes accessibility, transparency and reliability.