In cybersecurity, many threats utilize DNS as a method to bypass IP block lists. Maintaining only a blacklist of known bad DNS entries does not completely resolve the risks, as it is common behavior for a malicious actor to use dynamically generated DNS entries to bypass these lists. We manage a toolset that will evaluate all DNS queries seen from your organization, as well as from any endpoints external to the network utilizing a roaming client. This service stops known bad DNS calls, as well as access to any newly seen domains (less than 6 days old or never seen by the vendors global network), preventing the majority of malicious code propagation.
We provide
- Assistance in deploying the solution
- The ability to add in content monitoring
- Off-network protection and malicious device identification available with roaming client
- User identification