CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 15, 2026

Modat enhances Magnify with Passive DNS for faster threat hunting and infrastructure analysis

Help Net Security Archived Jun 15, 2026 ✓ Full text saved

Modat has launched native Passive DNS intelligence in Magnify, its internet intelligence platform, unifying IP, device fingerprint, certificate, and passive DNS into a single pivot-driven investigation flow. Threat intelligence, threat hunting, exposure management, fraud and Security teams have long been forced to stitch together evidence across multiple tools and datapoints. Magnify eliminates that gap, building on its clustering-based device fingerprinting and geo-native scanning to surface in

Full text archived locally
✦ AI Summary · Claude Sonnet


    Industry News June 15, 2026 Share Modat enhances Magnify with Passive DNS for faster threat hunting and infrastructure analysis Modat has launched native Passive DNS intelligence in Magnify, its internet intelligence platform, unifying IP, device fingerprint, certificate, and passive DNS into a single pivot-driven investigation flow. Threat intelligence, threat hunting, exposure management, fraud and Security teams have long been forced to stitch together evidence across multiple tools and datapoints. Magnify eliminates that gap, building on its clustering-based device fingerprinting and geo-native scanning to surface infrastructure that conventional internet scanners miss. Most internet intelligence platforms are built around a single primary signal, with other data types bolted on as secondary lookups. Magnify is built the other way around: every signal is a first-class pivot point. With Passive DNS now native to the platform, an investigator can start from a domain and surface every IP that has hosted it, start from a TLS certificate and surface every domain it has secured, or start from a clustered device fingerprint and surface every host running the same software stack, all in the same query path. The result is an attacker-infrastructure graph that updates as the internet does, not a series of disconnected lookups that analysts have to assemble by hand. Key capabilities of the Modat Passive DNS platform include: Infrastructure pivoting: Move between IP, domain, TLS certificate, and clustered device fingerprint in a single graph, with relationships preserved rather than reconstructed across tools. Real-time threat correlation: Automated correlation of newly observed domains and IPs with known indicators of compromise (IOCs), threat actor TTPs, and malware families. Retrospective infrastructure analysis: Queryable Passive DNS alongside Magnify’s IP, device, and certificate timelines, so analysts can reconstruct the benign and the attacker’s full infrastructure lifecycle. API-first integration: Seamless integration with leading SIEM, SOAR, and threat intelligence platforms via a robust REST API. “Most internet intelligence tools were built one signal at a time, and it shows analysts spend more time stitching evidence together than acting on it,” said Soufian El Yadmani, CEO and Founder at Modat. “Magnify was designed from the start so that every signal, IPs, devices, certificates, and now Passive DNS, is a pivot point in the same graph. Passive DNS isn’t an add-on for us. It’s the fourth pillar that makes the picture more complete.” Share
    💬 Team Notes
    Article Info
    Source
    Help Net Security
    Category
    ◇ Industry News & Leadership
    Published
    Jun 15, 2026
    Archived
    Jun 15, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗