Solution by need

Find the "Escapers" in Your Network

Problem

It is arguably true that you could find loads of malicious activities on a network with thousands of machines and users. The fact of the matter is that, what you find may not be the entirety of such activities but rather just what your current security devices are able to report.

The question then arises: what about the malicious traffic that your security measures fail to detect?

And, how can you assess the efficiency of your current security investments?

These are significant challenges that enterprise networks face and must address.

DNSSense's Solution

Powered by its “Security Gap” feature, DNSSense’s DNSEye is a VM appliance that works in your network.

The Security Gap feature reports malicious traffic that the existing security devices cannot detect. Security Gap simulates connection to the malicious domain to test the network security in 3 different ways, as follows:

1- Tests with DNS query from existing DNS server
2- Tests with HTTP/HTTPS request via the proxy server
3- Tests to reach a malicious domain using a direct HTTP/HTTPS connection through Gateway.

Here is how Security Gap works

DNSEye VM appliance in your network sends a malicious connection request to DNSSense's cloud-based malicious simulation service, with a specific metadata.

Security Gap = Blocked, malicious traffic has been blocked

In case DNSSense’s simulation service does not receive the metadata, which means the malicious connection has been blocked by Security Gap, it is reported as an instance of a blocked attack along with information on the device (Proxy or UTM) that has successfully blocked the malicious traffic.

Security Gap = Passed, simulation has been successful

In case the simulation service receives the metadata, which means the malicious connection has managed to bypass the security, it is reported as an instance of a successful attack along with information on the device (Proxy or UTM) that was unable to block the malicious traffic.

This information can later be used to harden the network’s security policies. In other words, DNSSense constantly enhances the overall security status of the network.

Learn more about DNSEye
Solutions by need
Collect Your DNS Log With Ease
Detect DNS Tunnelling Attacks
Detect Invisible Malicious Traffic
Defend From Firstly-Seen Domains
Save 95+% in DNS Log Processing Costs With Smart SIEM Integration
Protect Remote and Roaming Clients
Find the Real Machine That Generates Malicious DNS Traffic
Find the -Escapers- in Your Network
338a Regents Park Road, Office 3 And 4, N3 2LN London, United Kingdom
COMPANY
About UsWhy DNSSenseLeadersContact SupportContact Us
OUR PRODUCTS
DNSEyeDNSDomeCyber X-Ray
EXPLORE
BlogMediaDownloadFAQ
STAY IN TOUCH
LinkedInYouTube
DNSSENSE DNS IP ADRESSES
45.129.19.19
45.129.19.20
Terms of ServicePrivacy Policy
We value your privacy
By clicking “Accept Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Accept CookiesDenyPreferences