A domain’s online presence can extend beyond its main address, with subdomains like blog.example.com serving as crucial yet often overlooked entry points for websites and apps. These subdomains can create hidden security risks if not monitored, making them easy targets for attacks like takeovers or phishing.
Subdomain Record Search
From the left navigation menu, select Attack Surface Mapping > Latest DNS Records.
Specify a Domain Name.
Click Search.
The Explore screen opens, containing a list of records (observables) for the domain in question, on which you're able to carry out several actions, including:
Observable enrichment
Saving to a collection or a Feed
Exporting Raw Data
Creating a Monitor
Obtaining a risk score
By leveraging the Subdomain Record Search, you can proactively identify and manage these risks.
The specific subdomain extracted from a hostname, used to analyze hierarchical domain structures for potential threats.
The total set of vulnerabilities and entry points in a system or network that could be exploited by an attacker, including software, hardware, and network configurations.
A feature in threat intelligence platforms that enables users to investigate DNS history and navigate related network infrastructure, facilitating the discovery of potential threats or connections.
A distinct data point, such as an IP address, domain, or file hash, used in threat intelligence to identify, track, or predict potential cyber threats.
A curated stream of threat intelligence data containing indicators of compromise (IoCs), such as malicious IPs or domains, used to monitor and mitigate cyber threats.
Unprocessed query results in JSON format, containing detailed threat intelligence data for further analysis or integration.
A feature that automates periodic scans of DNS or WHOIS data, sending email alerts for new results to track changes in domains, IPs, or infrastructure without manual queries.