The watchTowr Platform can actively monitor DNS and automatically create findings for detected dangling DNS conditions.
The watchTowr Platform leverages the visibility provided by supported integrations to collect the key information required to detect dangling DNS issues. Incomplete or partial cloud visibility may result in inaccuracies in raised findings, as information collected through these integrations is used to determine whether IP addresses are still in use or have been decommissioned.
Note: Enable this only if full cloud visibility is integrated. Otherwise, false positives are expected.
If you would like to enable Dangling DNS Detection:
Navigate to Configuration > Finding Management > Finding Automation Settings.
Enabled the toggle for Dangling DNS.
A confirmation message will appear at the left bottom corner of the page if the setting has been updated successfully.
If you need assistance, don't hesitate to contact the watchTowr team. Our knowledgeable team is ready to help you navigate the watchTowr Platform and address any questions or concerns.