With DNS exploit attacks surging, BlueCat releases new DNS security software that detects internal threats and secures vital assets.
TORONTO – May 23, 2018 – Today, BlueCat, the Adaptive DNS company, announced powerful new capabilities for BlueCat DNS Edge™ (Edge), a solution that leverages existing DNS infrastructure to help cybersecurity and networking teams detect and block cyber attacks. The new capabilities add a much-needed layer of defense for corporate networks under siege from an explosion of malware attacks and their skyrocketing cost. According to industry research, 91% of malware uses the DNS protocol for command and control, data exfiltration or lateral movement on a corporate network.
“Networking and cybersecurity teams are under pressure to gain control of their network infrastructure and greatly increase actionable cyber intelligence,” said Michael Harris, CEO of BlueCat. “The solution lies hidden in billions of DNS queries and responses. As the leading provider of Adaptive DNS solutions for the world’s largest organizations, BlueCat is in a unique position to help customers identify, control and reduce the attack surface – especially for exploits happening inside the firewall.”
Edge helps organizations:
- Get unprecedented visibility into internal and external network activity for every connected client device, corporate application or service. With Edge, cybersecurity teams can access DNS data that today’s firewalls and web proxies will never see. This includes the originating host, query and response – before the cache, for both internal and external requests. This helps them observe suspicious activity, detect lateral movement and track down patient zero. It also makes it easy for cybersecurity teams to meet or exceed compliance standards for system monitoring and boundary protection like NIST 800-53.
- Quickly establish smarter, more flexible policies to control internal and external DNS activity across the entire network. With Edge, network and security architects create granular policies based on a variety of factors such as the DNS query, device types (including IoT devices), sites and zones, and time of day. This flexibility helps cybersecurity teams establish least-privilege access at the DNS level to protect internal assets or lock down infected IoT devices, for example. Edge can also ingest threat intelligence feeds from any source and build on established blocklist policies.
- Detect malicious behavior on the network like DNS tunneling, data exfiltration and domain generation algorithms. Edge employs smart analytics to look for patterns in DNS queries that indicate common DNS exploits. Any suspicious query data can be sent to popular SIEMS for further analysis and correlation. BlueCat recently introduced BlueCat DNS Edge for Splunk that offers additional capabilities for Splunk users, available for download on SplunkBase.
The latest version of Edge also includes new DNS-routing policies using multi-namespaces to introduce unique flexibility for administrators to configure their DNS resolution path, lighten the load on the WAN and web proxies, and eliminate duplication across namespaces. Additionally, new dashboard improvements make it easier for administrators to spot anomalies in DNS query data.
BlueCat is the Adaptive DNS Company™. The largest global enterprises trust BlueCat to provide the foundation for digital transformation strategies such as cloud migration, virtualization and cybersecurity. Our Adaptive DNS platform improves control and compliance across entire networks, enabling organizations to centralize and automate DNS services for security and operational efficiency. For more information, please visit bluecatnetworks.com.
BlueCat Public Relations
Customer situation brief on SUNBURST/Solorigate
Learn more about the attack via the SolarWinds Orion platform and how BlueCat products use DNS to help protect customers against compromises like it.
On the road to platform hardening, consider a STIG
Security Technical Implementation Guides standardize security configuration on networks, servers, and devices. BlueCat uses them and you can, too.
IT pros debate: Who should own DNS in the cloud?
Six networking pros dig into who should own DNS in the cloud during the third Critical Conversation on Critical Infrastructure hosted in Network VIP.
Flexibility and security can co-exist for the Red Cross
American Red Cross CISO Vikas Mahajan discusses flexible security strategies for front-line operations and his roadmap for moving toward a SASE model.