Overview
The DNS Catalog provides centralized visibility into all DNS records discovered across your infrastructure.AIM automatically aggregates DNS data from adapters, scanners, and integrations to help teams detect misconfigurations, shadow DNS records, and exposure risks before attackers do.
DNS Record Inventory Dashboard
Key Metrics & Analytics
The dashboard offers real-time insights into your DNS footprint:- Total DNS Records — All records discovered across environments.
- Shadow DNS Records — Records found outside registered DNS zones.
- Exposed Records — DNS entries pointing to external or risky hosts.
- Invalid or Stale Records — Broken, outdated, or orphaned DNS entries.
DNS Record Distribution
Visual charts help analyze:- Record Types (A, AAAA, CNAME, MX, TXT, NS, etc.)
- Exposure breakdown (Exposed vs Safe)
- Associated vulnerabilities or misconfigurations
- Organizations & Providers
DNS Type Distribution
Search, Filters & Sorting
The catalog includes powerful filters for pinpointing critical DNS issues:| Filter | Description |
|---|---|
| Record Type | Filter by A, CNAME, MX, etc. |
| Exposure | Show only exposed or shadow DNS records. |
| Owners | Filter by assigned owner or team. |
| Adapters | Show DNS records discovered through specific integrations. |
| Risk | Sort or filter by auto-calculated risk score. |
| Organisations | Filter based on hosting provider or authoritative DNS. |
| hasVulns | Show DNS entries linked to vulnerabilities. |
DNS Table Columns
| Column | Description |
|---|---|
| Record Value | The DNS record (e.g., api.example.com). |
| Record Type | A, CNAME, MX, TXT, etc. |
| Target / Value | Where the DNS record points to. |
| Exposure | Whether the record exposes an asset externally. |
| Auto Risk | AIM-generated score based on exposure & associations. |
| Organisation | Hosting provider or domain owner. |
| Owner | Responsible team or user. |
| Tags | Quick classification labels. |
| Associations | Linked assets like IPs, certs, or apps. |
| Detected On | First & last seen timestamps. |
DNS Record Full View
Every DNS record includes a detailed breakdown:DNS Summary
- Record value
- Record type
- Target / destination
- Exposure classification
- Total linked assets
- Environment (e.g., Production, Internal)
- Risk score
- First/last detection timestamps
Linked Assets & Vulnerabilities
AIM automatically correlates DNS records with:- IPs
- Applications
- Certificates
- Subdomains
- Vulnerabilities
DNS Asset Relation Graph
DNS Misconfiguration Detection
AIM automatically flags issues such as:- Dangling DNS records
- Broken CNAME chains
- Orphaned A/AAAA records
- Exposure to unintended external hosts
- Wildcard or overly permissive DNS entries
- Expired or mismatched DNS-to-certificate mappings
How DNS Records Are Discovered
AIM continuously syncs DNS data using:- ASM Adapter (external DNS discovery)
- Cloud provider integrations
- Domain registrars
- Security scanners
- TechDetect (DNS enumeration)
Example Use Cases
- Security Teams — Detect shadow DNS entries or exposed DNS surfaces.
- App Teams — Track DNS mappings for environments and services.
- Compliance — Ensure DNS structures meet audit and policy requirements.
- Ops / Infra — Identify broken or stale DNS entries causing outages.
Explore Live Demo
Explore AIM Live — No Signup Needed
Instantly explore how Snapsec AIM discovers, enriches, and tracks every asset in real time — all without creating an account.