PagerDuty DigitalStakeout PDNS Integration
Trigger DigitalStakeout PDNS alerts to PagerDuty, so you can remediate cyber security incidents faster.
1. Perform the PagerDuty Setup Process first.
PagerDuty Setup Process
Login to PagerDuty, go to the Configuration menu and select Services.
On the Services page:
- If you are creating a new service for your integration, click Add New Service.
- If you are adding your integration to an existing service, click the name of the service you want to add the integration to. Then click the Integrations tab and click the New Integration button.
In the Integration Type menu, select from the following based on your preference:
- Select Tool : Search and select DigitalStakeout PDNS.
- Enter an Integration Name "DigitalStakeout PDNS". If you are creating a new service for your integration, in General Settings, enter a Name for your new service.
- In Incident Settings, specify the Escalation Policy , Notification Urgency , and Incident Behavior for your new service.
- Click the Add Service or Add Integration button to save your new integration.
You will be redirected to the Integrations page for your service.
Do this AFTER performing the PagerDuty Setup.
2. DigitalStakeout PDNS Setup Proceess
- Above the Protection Menu, Select a Company.
- Under the Protection Menu, Click on Company Settings.
- Click on the Alerting/PagerDuty Tab.
- Set alerting to Enable. You will see that Pager Duty Status is "Not Connected"
- Click on Connect PagerDuty. You will be redirected to the PagerDuty website. Once you login, you will select the "DigitalStakeout PDNS" Service you created above.
- Once you have selected the Service, Click on the Connect button.
- You will be redirected back to your Company Settings. The Status will say Connected.
Congratulations! You have completed the integration with PagerDuty and DigitalStakeout PDNS.
All your threat events will now be sent directly to PagerDuty. When a threat event is sent to PagerDuty, an incident will be created. This incident will correspond with a block event in your DigitalStakeout PDNS logs. The full payload of the passive DNS record will be appended to your PagerDuty incident.One Integration Per CompanyYou can add multiple PagerDuty Integrations to your DigitalStakeout PDNS account. However, each company (tenant) is limited to one service integration.
DigitalStakeout PDNS URL Proxy
DigitalStakeout PDNS URL Proxy analyzes web traffic for high risk URLs. It examines the domain and full URL of request to determine if it is a threat. The targeted proxy performs HTTPS security analysis of good sites that are exploited to deliver ...
Threat Hunting with DigitalStakeout PDNS
A cloud-based DNS firewall, such as DigitalStakeout PDNS, can be an effective tool for threat hunting by security analysts. Here is a step-by-step guide on how a security analyst can use PDNS for threat hunting: Set up PDNS: The first step in using ...
Enabling DNSSEC in DigitalStakeout PDNS
DNSSEC (Domain Name System Security Extensions) is a security protocol that provides authentication for DNS data. It is used to protect the internet's global Domain Name System (DNS) infrastructure from various types of attacks, such as spoofing and ...
Point Windows DNS to DigitalStakeout PDNS
Getting started with Windows (Agent and Agentless) DigitalStakeout PDNS currently supports Windows 7, 8, 8.1, 10, Server 2008, Server 2012, Server 2016, and Server 2019 with .NET Framework 4.5+. Required Ports DigitalStakeout PDNS endpoints will ...
Install the DigitalStakeout PDNS Root Certificate Authority
When DigitalStakeout PDNS blocks access to a domain, we do not provide the browser an IP address. This is the intended behavior of blocking access to a domain. To prevent confusion, we redirect blocked domains to a block page. If the redirect happens ...