
"Infoblox positions DNS as the earliest point of cyber threat prevention, claiming to block malicious infrastructure an average of 68.4 days before traditional detection tools. The company's Protective DNS approach leverages global DNS visibility to identify threats before they can weaponize their infrastructure. Infoblox Threat Intel monitors over 200,000 threat actor clusters using proprietary algorithms designed to identify infrastructure during construction phases. The company's detection pipeline combines real-time DNS telemetry with predictive threat intelligence."
"'We have dozens of algorithms running concurrently to identify both high-risk/suspicious and malicious behavior,' the company explains to Techzine. These algorithms analyze observable DNS features ranging from simple elements like registrars and nameservers to complex patterns in query timing and content. The system employs what Infoblox describes as a 'cartel-first' strategy. Rather than focusing solely on individual malware variants, this approach targets the broader infrastructure and supply chains that threat actors use to launch campaigns."
Protective DNS leverages global DNS visibility and real-time telemetry to detect and block malicious infrastructure well before traditional detection. Threat intelligence monitors more than 200,000 threat actor clusters with proprietary algorithms that identify infrastructure during construction phases. Dozens of algorithms analyze observable DNS features from registrars and nameservers to complex query timing and content patterns. A "cartel-first" strategy focuses on threat infrastructure and supply chains rather than individual malware payloads. Statistical analysis across tens of billions of daily DNS queries enables predictive identification and preemption of attacks, allowing interception regardless of endpoint location or network perimeter.
Read at Techzine Global