DNS-based malware is particularly dangerous because it is often used to steal critical company and customer data, interrupt business continuity and damage brand reputation. Hackers take advantage of the underestimation of DNS services’ key role in the cyber kill chain – 91% of malware is using DNS services to build attacks. A global 2020 DNS Security survey conducted by IDC revealed that 79% of respondents said they had been targeted by a DNS attack in the last 12 months. Traditional security systems are not enough to mitigate this type of threat, as they could be easily circumvented.
DNS Firewall prevents connected devices from becoming infected with malware and blocks their activity by enabling recursive DNS servers to stop or redirect queries from clients that want to access identified malicious domains and/or IPs. Illegitimate communications with C&Cs/botnets, and DNS based data exfiltration (DNS tunneling) are immediately blocked, before they impact and damage your company.
Adapt Malware Protection With Threat Intelligence
To keep pace with the ever-evolving threat landscape, DNS Firewall includes dynamic threat intelligence services. DNS Firewall comes with this kind of constantly updated data feed built from various distributed sources, to combat categories such as:
- Abuse and spam-related domains
- Phishing-related domains
- Malware-related domains
- Cracked website FQDN(s)
- Botnet Command and Control