Every time a user or IoT device makes a connection using the domain name system (DNS) to access websites and domains there is a risk of connecting to a malicious domain.
When a client initiates a query on a Deteque enabled name server, each step of the recursive DNS lookup process is analyzed. If Deteque identifies a security risk, access to the threat is blocked.
You can protect your network and users from connecting to bad domains, and the potential risks associated with them including cyptojacking, malware and fraud. In addition you can block Command & Control bots from communicating with infected devices on your network.
Data points are combined from across the globe, illustrating in real-time when and which host names have been resolving to which IP addresses.
This constantly updated dataset provides you with the intelligence and power to comprehensibly build up a picture of potential threats that you couldn’t gain from a single network.
Passive DNS enables you to uncover patterns of malicious activity from networks across the world. This global threat intelligence provides an effective boost in your security information and event management (SIEM) and security analysis.
It will take just a few minutes to configure your edge router to peer with a Deteque BGP router and a null route. This will allow you to block all communication to, and from, botnet Command & Control servers, neutralising botnet nodes within your network and stopping data egress, even if devices are still infected with malware.
BGP data feeds are an additional layer in your network security defences. They block connections to internet protocols (IPs) involved in the most dangerous cybercrime and DDoS attacks, protecting your organization’s servers.