Skip to main content
Technology|SRE / Security Engineer

DNS & Infrastructure Change Monitoring

Detect unauthorized DNS changes, certificate swaps, and WHOIS transfers with private, continuous monitoring

DNS hijacking, unauthorized record changes, and expired certificates cause outages and security breaches. EdgeDNS subscription monitoring continuously watches your DNS records, SSL certificates, and WHOIS registration for changes -- and only your organization can see the data. Unlike passive DNS databases that expose your resolution history to anyone, EdgeDNS monitoring is private and active.

The Challenge

Infrastructure changes happen without warning. A DNS record modification could be a routine update or a hijacking attempt. Certificate renewals may fail silently. Domain registrar changes could signal an unauthorized transfer. Passive DNS services expose your domain history to anyone who queries it -- including adversaries mapping your infrastructure for attack.

The Solution

Subscribe domains to EdgeDNS monitoring to continuously track DNS records (A, AAAA, MX, NS, CNAME, TXT, SOA, CAA), certificate state, and WHOIS registration. When a change is detected, you get an alert with the exact diff -- old value vs. new value. All monitoring data is scoped to your organization and never shared with other customers or exposed publicly.

Endpoints Used

Combine these EdgeDNS endpoints to build this solution.

GET
/v1/subscriptionsTry in Playground

Create Subscription: Subscribe a domain for continuous monitoring across all 9 service types

GET
/v1/subscriptions/:id/dns-historyTry in Playground

DNS History: View private DNS record change history for your domain

GET
/v1/subscriptions/:id/alertsTry in Playground

Subscription Alerts: View DNS change, cert change, and WHOIS change alerts

GET
/v1/subscriptions/:id/check-resultsTry in Playground

Check Results: Unified log of all monitoring check results with status and timing

Results You Can Achieve

Private monitoring data

Your DNS history and change logs are never shared with other customers or exposed publicly

Detect changes in minutes

DNS checks run as frequently as every 30 minutes; certificates every 4 hours

14 alert types with debounce

Configurable debounce prevents alert fatigue; silence alerts during maintenance windows

Code Example

Subscribe a domain and check for DNS changes

javascript
// 1. Subscribe a domain for DNS + cert monitoring
const sub = await fetch('https://api.edgedns.dev/v1/subscriptions', {
  method: 'POST',
  headers: {
    'Authorization': 'Bearer YOUR_API_KEY',
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    domain: 'production.example.com',
    dns_enabled: true,
    dns_interval_minutes: 30,
    cert_enabled: true,
    cert_interval_minutes: 240,
    dns_change_alert: true,
    cert_change_alert: true,
    notification_emails: ['sre-team@company.com']
  })
}).then(r => r.json());

// 2. Later: Check DNS change history
const history = await fetch(
  `https://api.edgedns.dev/v1/subscriptions/${sub.data.id}/dns-history`,
  { headers: { 'Authorization': 'Bearer YOUR_API_KEY' } }
).then(r => r.json());

console.log('DNS records tracked:', history.data.length);
// Only YOUR organization can see this data

Learn More

Explore industry standards and best practices related to this use case.

CISA: DNS Infrastructure Tampering Campaign

CISA emergency directive on DNS hijacking campaigns targeting domain registrar accounts

IETF DNS Operations Working Group (DNSOP)

IETF working group responsible for DNS deployment guidance with 70+ published RFCs

Ready to build DNS & Infrastructure Change Monitoring?

Get started with 200 free API requests per month. No credit card required.

Get Started FreeTry the Playground

Other Use Cases

Email Marketing / DevOps

Email Deliverability Monitoring

Improve inbox placement with proactive email authentication monitoring

Security Engineer / Compliance Officer

Security Compliance Auditing

Automate security posture assessments for SOC 2 and ISO 27001