Phone : +1 (800) 980-1130 | Email :   |  |  | 

Overcoming the DNS “Blind Spot”

The Domain Name Service (DNS) provides the IP addresses of intended domain names in response to queries from requesting end hosts. Because many threat actors today are leveraging DNS to compromise end hosts monitoring DNS is often a critical step in identifying and containing malware infections and investigating attacks. Yet our research found that few organizations actually monitor DNS for security purposes—or at all—which makes DNS a security “blind spot.”

We explore this issue in more detail in the Cisco 2016 Annual Security Report. But here’s one statistic from the report that helps underscore why security teams need to start, or step up, their monitoring of DNS: Our recent analysis of malware validated as “known bad” found that the majority (91.3 percent) of that malware uses DNS in one of three ways:

to gain command and control
to exfiltrate data
to redirect traffic
More Details :

| Categories: Cisco | | Comments: RSS 2.0 | View Count: (27)

Post a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Email *