Modat introduces native Passive DNS in Magnify
Modat launched native Passive DNS intelligence in Magnify, adding Passive DNS to an existing investigation flow that unifies IP, device fingerprinting, and certificate information. The change targets teams that previously had to connect evidence across multiple sources to conduct investigations.
The update comes as Magnify builds on clustering-based device fingerprinting and geo-native scanning to identify infrastructure that conventional internet scanners miss, according to the release. It describes Magnify as using a pivot-driven approach in which each signal is treated as a first-class starting point rather than a secondary lookup.
With Passive DNS native to Magnify, investigators can start from a domain to surface IPs that hosted it, start from a TLS certificate to surface domains it has secured, or start from a clustered device fingerprint to surface hosts running the same software stack. The release says the platform presents an attacker-infrastructure graph that updates as the internet does, rather than presenting disconnected lookup results.
Modat said the Passive DNS capability includes infrastructure pivoting across IP, domain, TLS certificate, and clustered device fingerprint, real-time threat correlation of newly observed domains and IPs with known IOCs, threat actor TTPs, and malware families, and retrospective infrastructure analysis using passive DNS alongside IP, device, and certificate timelines. The company also cited API-first integration via a REST API for SIEM, SOAR, and threat intelligence platforms.
“Most internet intelligence tools were built one signal at a time, and it shows analysts spend more time stitching evidence together than acting on it,” said Soufian El Yadmani, CEO and Founder at Modat. “Magnify was designed from the start so that every signal, IPs, devices, certificates, and now Passive DNS, is a pivot point in the same graph. Passive DNS isn't an add-on for us. It's the fourth pillar that makes the picture more complete. We’re proud to share this milestone with the global security community at FIRSTCON26.”
Provided by Globe Newswire on behalf of MoData. Click to read original content.