Date: 2024-05-24

SOC Radar DNS Monitoring

SOCRadar DNS Monitoring provides real-time monitoring of DNS infrastructure with automated discovery, record change alerts, and detection of DNS-based security threats.

SOC Radar DNS Monitoring Description

SOCRadar DNS Monitoring is a network security module that provides real-time monitoring and analysis of DNS infrastructure and activities. The tool continuously monitors domain DNS configurations, automatically discovers and maps DNS records, and generates immediate alerts when DNS records are modified.

Key features include monitoring of A, AAAA, CNAME, NS, and MX DNS records with real-time email notifications for changes. The system detects malicious dynamic DNS hostnames that may target organizational brands and monitors the existence of SPF and DMARC records to reduce risks from malicious forgeries. The platform identifies publicly exposed hostnames, subdomains, and DNS records that could present security risks. It also detects potential vulnerabilities to DNS amplification DDoS attacks by analyzing DNS configurations and traffic patterns.

SOCRadar DNS Monitoring helps organizations defend against various DNS-based attacks including distributed denial of service (DDoS) attacks, domain hijacking, DNS spoofing, cache poisoning, DNS tunneling, flood attacks, phantom domain attacks, and random subdomain attacks. The tool provides comprehensive insights into network DNS activity, observes traffic patterns and anomalies, and creates security alerts to enable proactive threat detection and response. It integrates with SOCRadar's broader Extended Threat Intelligence Platform for enhanced security monitoring capabilities.

