Overcoming the DNS “Blind Spot”

By John Stuppi [ed. note – this post was authored jointly by John Stuppi and Dan Hubbard ] The Domain Name Service (DNS) provides the IP addresses of intended domain names in response to queries from requesting end hosts. Because many threat actors today are leveraging DNS to compromise end hosts monitoring DNS is often a critical step in identifying and containing malware infections and investigating attacks. Yet our research found that few organizations actually monitor DNS for security purposes—or at all—which makes DNS a security “blind []

Source:: Cisco Security Notice