Defend Against First-Seen Domains

Problem

“Zero-day attack” is a term for the threat posed by a software or application security vulnerability that is not yet known. Because the vulnerability is not known in advance, exploitation often occurs without the users’ knowledge.

A patch is typically required to resolve the issue, but it can only be released after the application developers become aware of the vulnerability, so they often have little time to address it.

67% of cyber-attacks, including phishing and ransomware, are accomplished in less than two hours. Most security products fail to detect these attacks within this period, when they are most dangerous. Organisations are vulnerable to zero-day attacks because the average detection time is about 12 hours.

DNSSense's Solution

Today, DNSSense’s Dynamic Threat Database, Cyber X-Ray, contains approximately 500 million domains that are being classified continuously. Domains requested for the first time, which are not in the Cyber X-Ray database, are marked as “First-Seen” domains by the artificial intelligence and are classified immediately.

DNSSense’s Positive Security Model allows any network connection attempt to a “First-Seen” domain to be temporarily blocked for a maximum of 10 minutes until it is classified as 'Allowed' according to network security policies.

Cyber X-Ray scores “First-Seen” domains in a maximum of 10 minutes with its artificial-intelligence and deep-learning algorithms.

To avoid false positives, malicious domain data is also gathered from nearly 400 cyber intelligence centres, including the USOM, which strengthens the scoring process but does not affect the category per se.

The connection will not be allowed if the relevant domain falls into the “Blocked” category according to network security policies. Users will only be able to access it after it has been labelled “Allowed” or “Whitelisted” by the network security policy in question.

As a result, the network is protected from zero-day attacks with DNSSense’s Positive Security Model.
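The hold-then-decide flow described above can be sketched as a small default-deny gate. This is an added illustration, not DNSSense code: the class, the category names, the policy table and the "overdue" reason are assumptions made for the example.

```python
import time

HOLD_SECONDS = 10 * 60  # the page's "maximum of 10 minutes" classification window

def norm(domain):
    return domain.rstrip(".").lower()  # treat "A.example." and "a.example" alike

class FirstSeenGate:
    """Hypothetical DNS policy gate: known domains follow policy, unknown ones are held."""
    def __init__(self, policy, known=None, clock=time.monotonic):
        self.policy = policy            # category -> "Allowed" / "Blocked" (assumed table)
        self.known = {norm(d): c for d, c in (known or {}).items()}
        self.pending = {}               # first-seen domain -> time of first query
        self.clock = clock

    def classify(self, domain, category):
        """Record the category returned by the (assumed) classifier."""
        domain = norm(domain)
        self.known[domain] = category
        self.pending.pop(domain, None)

    def decide(self, domain):
        """Return (verdict, reason) for one DNS query; anything unlisted is denied."""
        domain = norm(domain)
        if domain in self.known:
            category = self.known[domain]
            return self.policy.get(category, "Blocked"), "category:" + category
        first = self.pending.setdefault(domain, self.clock())
        overdue = self.clock() - first > HOLD_SECONDS
        # Stay closed either way; "overdue" flags a hold that outlived the window.
        return "Blocked", "first-seen:overdue" if overdue else "first-seen:pending"

def demo():
    """Constructed sample queries, driven by a fake clock so the run is repeatable."""
    now = [0.0]
    gate = FirstSeenGate(policy={"Business": "Allowed", "Malware": "Blocked"},
                         known={"intranet.example": "Business"},
                         clock=lambda: now[0])
    out = [gate.decide("intranet.example"),        # already classified
           gate.decide("New-Site.example.")]       # first seen: held
    now[0] = 120
    gate.classify("new-site.example", "Business")  # verdict arrives after 2 minutes
    out.append(gate.decide("new-site.example"))
    out.append(gate.decide("other.example"))       # first seen at t=120
    now[0] = 120 + 601
    out.append(gate.decide("other.example"))       # still unclassified after the window
    return out

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The "overdue" reason gives an operator something to alert on when a held domain never receives a category, while the gate itself stays closed.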