Similar to how the NSA recommends, all organizations should privatize their DNS connections by taking control over their DNS traffic. It should not be a situation where requests leave your network and you rely on an internet service provider to secure your data or apply security filtering, as they do not.
While there is the potential to lose “visibility and intelligence” by adopting DoH, we believe that the benefits far outweigh the disadvantages. With our approach we offer a way to get the best of both worlds, by establishing both the security and privacy of the connections and providing total visibility through either full or selective (GDPR compliance) logging of all the Internet traffic. Adding protective DNS filtering and internet access controls blocks most unknown malicious requests, whether from a network device or a user system.
DNS security and strong endpoint protection are two fundamental security basics that are essential to safer Internet usage.
Exporting real-time endpoint protection telemetry data either into an in-house SIM/SIEM, syslog server or to an external MDR service. Endpoint data can then be correlated and contextualized against other threat data from other sources to stop attacks.
By providing real and near real-time threat feeds like collective file intelligence, real-time anti-phishing, IP, Domain and mobile application data to secure systems PC or mobile devices from a range of attack vectors.
Iranian state-sponsored threat groups are increasingly attacking the IT services sector this year in an effort to exfiltrate sign-in credentials that could be leveraged in compromising downstream customer networks' systems.