INFRA
INFRA
INFRA
DNS security tech strengthened with analytics, monitoring
At the inaugural CyberConnect event in New York City, thought leaders in business, government and security gathered to exchange ideas and best practices in combating the latest cyberthreats. The purely security-minded audience at CyberConnect allowed domain name system technology companies — which normally interact with networking infrastructure people — to showcase the latest in DNS security techniques.
“I love the idea of talking about DNS security to a security audience. And, hopefully, some of the folks we get to talk to here will come away from it thinking, ‘Oh wow, so I didn’t even realize that my DNS infrastructure could actually be a security tool for me,’” said Cricket Liu (pictured), chief DNS architect at Infoblox Inc., a network intelligence services company.
Liu spoke with Dave Vellante (@dvellante) and John Furrier (@furrier), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the CyberConnect conference. They discussed the latest trends in DNS security technology. (* Disclosure below.)
Using DNS to expand security profile
One of the easiest ways companies can improve their security profiles is to instrument their DNS infrastructure to detect evidence of compromise, according to Lui. Setting up Response Policy Zones, or RPZs, to allow custom handling of the resolution of domain name collections lets organizations establish governance and checks around how traffic is routed to their servers.
“Most organizations haven’t gone through the trouble to plumb their DNS infrastructure into, for example, their sim infrastructure so they can get query log information. They can use RPZs to flag when a client looks up the domain name of a known command and control server, which is a clear indication of compromise,” Liu explained.
In addition to the real-time tracking and flagging of DNS activity, more and more big security players are collecting passive DNS data and running interesting analytics on that passive data, according to Liu. For example, if a named IP address mapping is changing really quickly, it might be an indication of fast flux, he stated.
“There’s some things you can do with these analytical algorithms in order to suss out suspicious and malicious behavior,” Liu concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the CyberConnect 2017 event. (* Disclosure: TheCUBE is a paid media partner for the CyberConnect 2017 conference. Neither Centrify Corp., the event sponsor, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photos: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
