To this day, it remains very easy and inexpensive for anyone to buy a domain name, obtain an IP address and set up a host server. That makes it just as easy for the criminally minded to use domains and IP addresses with malicious intent.
Virtually all of this steady flow of malicious activity, aimed squarely at companies, leverages the central role DNS plays in facilitating internet traffic. Take, for example, botnets: the infected computing nodes, or bots, that stand at the ready to respond to instructions from a controller have to get their commands from somewhere. Bots periodically beacon out to domains created expressly for the purpose of delivering next-level attack commands.
Taking a DNS-centric approach to unravelling sophisticated attacks can connect the dots quickly, as more and more security professionals are discovering. This methodology blends the analyst’s experience and intuition with the outputs of whatever security systems the organization happens to have up and running, as well as other public sources of information, to develop customized, relevant threat intelligence...