Network Security - DNS Domains Expiring Within the Next Month¶
Description¶
The percentage of DNS domains that are set to expire within the next month, which could lead to service disruptions if not renewed in time.
How we measure it¶
Query all DNS domains and check their expiration date. Identify domains whose expiration date falls within the next 30 days.
Meta Data¶
| Attribute | Value |
|---|---|
| Metric id | ns_domains_expiring |
| Category | Network Security |
| SLO | 99.00% - 100.00% |
| Weight | 0.2 |
| Type |  |
References¶
| Framework | Ref | Domain | Control |
|---|---|---|---|
| ISO 27001:2022 | A.8.20 | 8 Technological controls | Networks security |
| CIS 8.1 | 9.3 | Email and Web Browser Protections | Maintain and Enforce Network-Based URL Filters |
| NIST CSF v2.0 | ID.AM-04 | Asset Management (ID.AM) | ID.AM-04: Inventories of services provided by suppliers are maintained |
Code¶
SELECT
domain AS resource,
'domain' as resource_type,
CASE
WHEN expiration_date <= CURRENT_DATE + INTERVAL 30 DAY THEN 0
ELSE 1
END as compliance,
CASE
WHEN expiration_date <= CURRENT_DATE + INTERVAL 30 DAY THEN 'Domain expiring within 30 days'
ELSE 'Domain expiration is beyond 30 days'
END as detail
FROM
{{ ref('domains') }}