{"id":13352,"date":"2026-04-22T05:55:26","date_gmt":"2026-04-22T12:55:26","guid":{"rendered":"https:\/\/www.infoblox.com\/blog\/?p=13352"},"modified":"2026-04-22T02:10:07","modified_gmt":"2026-04-22T09:10:07","slug":"ai-project-glasswing-and-dns-beyond-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/","title":{"rendered":"AI, Project Glasswing and DNS: Beyond Vulnerabilities"},"content":{"rendered":"<p>Project Glasswing is a genuine step change in cybersecurity. Anthropic\u2019s Claude Mythos Preview model has reportedly uncovered <strong>thousands of previously unknown vulnerabilities<\/strong> across major operating systems, browsers and critical software, including a 27\u2011year\u2011old OpenBSD bug, a 16\u2011year\u2011old FFmpeg flaw and chained exploits in the Linux kernel that lead to full system compromise. It is powerful enough that Anthropic has decided not to release the full Mythos model broadly, positioning Glasswing as a tightly controlled, \u201cdefense\u2011first\u201d initiative with a limited consortium of hyperscalers, security vendors and financial institutions.<\/p>\n<p>So, is the glass half full or half empty?<\/p>\n<ul class=\"list-spacing\">\n<li><strong>Glass Half Full<\/strong>: Defenders finally have AI that can find and help fix vulnerabilities at machine speed.<\/li>\n<li><strong>Glass Half Empty<\/strong>: The same class of capability will eventually be in the hands of attackers, compressing the time from discovery to weaponization to minutes, not months.<\/li>\n<\/ul>\n<p>Both are true. But focusing only on vulnerabilities misses a bigger problem: the world is already full of <strong>exposed configuration mistakes<\/strong> that today\u2019s understaffed security teams struggle to find and fix.<\/p>\n<p>And AI will accelerate the exploitation of those just as surely as it accelerates vulnerability discovery.<\/p>\n<h3>The Real Bottleneck Isn\u2019t Just Patching\u2014It\u2019s Everything Around It<\/h3>\n<p>Most critical infrastructure and government environments are already behind on patching for entirely understandable reasons: legacy systems, fragile integration chains and change windows negotiated with business owners who fear outages more than Common Vulnerabilities and Exposures (CVE). Even if Mythos\u2011class models hand defenders a perfectly prioritized list of zero\u2011days, many organizations <strong>cannot patch fast enough<\/strong> to keep up.<\/p>\n<p>But underneath the vulnerability backlog is something even more basic:<\/p>\n<ul class=\"list-spacing\">\n<li><strong>Secure configuration management at scale<\/strong>\u2014across DNS, identity, network, cloud, OT and application stacks\u2014is still largely manual and error\u2011prone.<\/li>\n<li>Security teams are <strong>chronically understaffed<\/strong>, while being pressed to \u201cmove at the speed of the business.\u201d The result is predictable: shortcuts, drift and blind spots.<\/li>\n<\/ul>\n<p>In DNS alone, we see this every day. In a recent assessment of nine major corporations, every single one had DNS misconfigurations that could be exploited. Two had <strong>critical exposures that would be trivial for a competent threat actor to use<\/strong>. None of these issues required a zero\u2011day; they were the outcome of ordinary operational pressure over time.<\/p>\n<h3>DNS as the Canary: Lame Delegations, NIST SP 800\u201181 and Sitting Ducks<\/h3>\n<p>DNS is a perfect example of why \u201cvulnerabilities versus misconfigurations\u201d is a false dichotomy.<\/p>\n<p><strong>National Institute of Standards and Technology (NIST) Special Publication (SP) 800\u201181<\/strong> has only recently been updated after years of relatively static guidance, reflecting a growing recognition that DNS is a critical security control, not just plumbing. The refreshed guidance sharpens expectations around architecture, logging and controls for issues such as lame delegations, dangling records and abuse of recursive resolvers, and is rapidly becoming the baseline for DNS security best practice, including in the European Union\u2019s <strong>NIS2<\/strong> technical guidance on DNS and protective DNS controls. It is the reference many regulators and operators reach for when they ask, \u201cWhat does secure DNS actually mean in practice?\u201d At the same time, recent campaigns such as the <strong>Sitting Ducks<\/strong> hijacks by Russian\u2011nexus actors like Vacant Viper and the broader \u201cVipers\u201d and \u201cHawks\u201d crews\u2014which have abused misconfigured name\u2011server delegations and other DNS hygiene failures to hijack tens of thousands of domains, including household brands\u2014underline how far real\u2011world practice still lags this guidance.<\/p>\n<p>Infoblox and Eclypsium\u2019s <strong>Sitting Ducks<\/strong> research showed that simple DNS misconfigurations, especially <strong>lame delegations<\/strong>, allow attackers to hijack domains without ever touching the registrar account. At any given time, over <strong>one million domains are exploitable<\/strong>; hundreds are actively hijacked every day. Follow\u2011on work found roughly <strong>800,000 vulnerable domains and about 70,000 confirmed hijacks<\/strong>, driven primarily by misconfigured name server settings. Other studies estimate that on the order of <strong>10 to 14 percent of delegations are lame<\/strong> in large domain samples.<\/p>\n<p>Those same research threads, and subsequent Infoblox work, highlight how:<\/p>\n<ul class=\"list-spacing\">\n<li><strong>Dangling CNAMEs<\/strong> and other dangling DNS records are pervasive, leaving \u201cforgotten\u201d links to expired cloud resources or domains that attackers can reclaim for phishing, malware delivery and traffic distribution systems (TDSs).<\/li>\n<li>Misconfigurations like lame delegations are <strong>not assigned CVEs<\/strong> and often sit outside the vulnerability management process entirely, so agencies and enterprises systematically under\u2011prioritize them compared to software bugs.<\/li>\n<\/ul>\n<p>In other words, the world doesn\u2019t just have a <strong>vulnerability problem<\/strong>. It has a <strong>configuration hygiene problem<\/strong> on top of that, and the latter is at least as attractive to attackers, precisely because it is so often invisible to defenders.<\/p>\n<p>Now imagine Mythos\u2011class models and their successors applied not only to code, but to DNS zones, cloud control planes, routing policies and identity and access management (IAM) graphs. They won\u2019t just find zero\u2011days; they\u2019ll find <strong>every misconfiguration that matters<\/strong> and automatically chain them into practical attack paths.<\/p>\n<h3>Why We Need an AI Automation Strategy for Both Vulnerabilities and Configurations<\/h3>\n<p>If you accept that:<\/p>\n<ol class=\"list-spacing\">\n<li>AI will make <strong>discovering exploitable conditions (bugs and misconfigs) cheap and fast<\/strong>, and<\/li>\n<li>You <strong>cannot rely on vendors always shipping a patch in time<\/strong>, nor on your own organization always having a convenient maintenance window, then the response cannot simply be \u201cpatch faster.\u201d <\/li>\n<\/ol>\n<p>Organizations need a <strong>holistic AI\u2011driven automation strategy<\/strong> that treats vulnerabilities and configurations as part of the same risk fabric:<\/p>\n<p><strong>1. Unify Visibility and Risk Modeling<\/strong><\/p>\n<ul class=\"list-spacing\">\n<li>Correlate software vulnerabilities with DNS hygiene, cloud posture, network exposure and identity misconfigurations into a single view of \u201cways an attacker can win.\u201d<\/li>\n<li>Include external attack surface and DNS risks like lame delegation, Sitting Ducks conditions and dangling CNAMEs alongside traditional CVEs.<\/li>\n<\/ul>\n<p><strong>2. Use AI To <em>Discover<\/em> and <em>Prioritize<\/em> Issues, Not Just To Scan Code<\/strong><\/p>\n<ul class=\"list-spacing\">\n<li>Continuously analyze configs, logs and external DNS data to highlight misconfigurations that materially expand blast radius, not just \u201cnon\u2011compliant\u201d settings.<\/li>\n<li>Ask models to reason about <strong>attack paths<\/strong>: \u201cGiven this set of DNS, network and identity issues, what\u2019s the shortest route to domain admin or data theft?\u201d<\/li>\n<\/ul>\n<p><strong>3. Automate Mitigation\u2014Especially when Patching Isn\u2019t Possible<\/strong><\/p>\n<p>You won\u2019t always get a vendor patch in time, and even when you do, you won\u2019t always have the change window to deploy it. That\u2019s where AI\u2011assisted automation and policy come in:<\/p>\n<ul class=\"list-spacing\">\n<li>For <strong>DNS<\/strong>: Automatically detect and remediate lame delegations, clean up dangling records and enforce safe delegation patterns with minimal human approval.<\/li>\n<li>For <strong>Network and Identity<\/strong>: Automatically tighten segmentation, DNS and web filtering, and access controls around assets affected by high\u2011risk vulnerabilities or misconfigurations.<\/li>\n<li>For <strong>Applications and Cloud<\/strong>: Generate and deploy safe, reversible configuration changes (e.g., disabling risky plugins, tightening security groups, revoking stale trust relationships) under human\u2011defined guardrails.<\/li>\n<\/ul>\n<p>The goal is not \u201cno humans,\u201d but <strong>no heroics<\/strong>: let humans decide strategy and exceptions, while AI does the drudge work of detection, enrichment, change generation and verification.<\/p>\n<p><strong>4. Bake Safety and Governance into the AI Layer Itself<\/strong><\/p>\n<ul class=\"list-spacing\">\n<li>Treat powerful security models as <strong>high\u2011risk infrastructure<\/strong>, with their own access controls, logging and red\u2011team testing.<\/li>\n<li>Ensure AI\u2011driven automations are explainable, reversible and tested in staging before touching production.<\/li>\n<\/ul>\n<h3>Planning for the Dam to Break\u2014and a Concrete First Step<\/h3>\n<p>Anthropic is trying to be responsible in how it exposes Mythos\u2011class capability, and that\u2019s commendable. But we should be honest: <strong>hoping that one vendor \u201cholds the line\u201d is not a strategy<\/strong>.<\/p>\n<p>History tells us that:<\/p>\n<ul class=\"list-spacing\">\n<li>Capabilities leak and are replicated. Rivals are already racing to match or surpass Mythos in cyber\u2011relevant skills.<\/li>\n<li>Governments and critical infrastructure will <strong>not<\/strong> all be invited into closed initiatives like Glasswing. Most of the world\u2019s vulnerable infrastructure will remain outside that inner circle for a long time.<\/li>\n<\/ul>\n<p>At some point, the dam breaks: Mythos\u2011class offensive capability, or something close enough, will be broadly available. When that happens, attackers won\u2019t need deep expertise to find exploitable DNS misconfigurations, dangling CNAMEs, legacy protocol exposures or unpatched zero\u2011days. They\u2019ll ask their AI, and it will oblige.<\/p>\n<p>The only sustainable response is for defenders to <strong>embrace the same level of automation and intelligence<\/strong>, and to point it not just at software vulnerabilities but at the sprawling universe of configuration risk that makes those vulnerabilities so devastating.<\/p>\n<p>AI will absolutely help us find and fix more bugs. But if we want the glass to be more than half full, we have to use it to clean up the misconfigurations too, starting with an honest DNS health check against baselines like NIST SP 800\u201181 and NIS2 guidance, and then building an <strong>AI\u2011assisted operations strategy<\/strong> that continuously enforces that hygiene.<\/p>\n<p>A practical first step is to use <a href=\"https:\/\/info.infoblox.com\/sec-en-inspectsecurity-registration.html\"><strong>Infoblox Inspect<\/strong><\/a> to assess how well your current DNS infrastructure and security controls actually protect you. Infoblox Inspect is a lightweight, complimentary assessment that:<\/p>\n<ul class=\"list-spacing\">\n<li>Validates DNS infrastructure and configuration against best practices<\/li>\n<li>Tests your ability to block high\u2011risk and malicious domains, including TDS, domain generation algorithms (DGAs), phishing and command-and-control (C2) infrastructure<\/li>\n<li>Surfaces gaps in both security controls and DNS hygiene that attackers routinely exploit<\/li>\n<li>Delivers an executive\u2011ready report you can map directly to NIST 800\u201181 and NIS2\u2011aligned expectations, and use to drive both remediation and your AI operations roadmap<\/li>\n<\/ul>\n<p>Glasswing and Mythos Preview show us what is now possible\u2014for defenders and for attackers. The question is whether we use the same level of intelligence to finally bring DNS and configuration hygiene up to the standard our critical infrastructure deserves.<\/p>\n<h3 class=\"footnotes\">Public Sources<\/h3>\n<ul class=\"footnotes-listing\">\n<li><a href=\"https:\/\/www.anthropic.com\/glasswing\" target=\"_blank\">Project Glasswing: Securing critical software for the AI era<\/a><\/li>\n<li><a href=\"https:\/\/www.anthropic.com\/project\/glasswing\" target=\"_blank\">Project Glasswing<\/a><\/li>\n<li><a href=\"https:\/\/blogs.infoblox.com\/threat-intelligence\/who-knew-domain-hijacking-is-so-easy\/\">Who Knew? Domain Hijacking is So Easy<\/a>. Infoblox Threat Intel. Infoblox. July 31, 2024.<\/li>\n<li><a href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/366615752\/Infoblox-800000-domains-vulnerable-to-hijacking-attack\" target=\"_blank\">Infoblox: 800,000 domains vulnerable to hijacking attack<\/a>. Waldman, Ariel. Informa TechTarget. November 14, 2024.<\/li>\n<li><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/sitting-ducks-dns-attacks-global\/\" target=\"_blank\">Sitting Ducks DNS Attacks Put Global Domains at Risk<\/a>. Mascellino, Alessandro. Infosecurity Magazine. November 14, 2024.<\/li>\n<li><a href=\"https:\/\/eclypsium.com\/blog\/ducks-now-sitting-dns-internet-infrastructure-insecurity\/\" target=\"_blank\">Ducks Now Sitting (DNS): Internet Infrastructure Insecurity<\/a>. Eclypsium. July 31, 2024.<\/li>\n<li><a href=\"https:\/\/www.theregister.com\/2024\/07\/31\/domains_with_delegated_name_service\/\" target=\"_blank\">Russia takes aim at Sitting Ducks domains, bags 30,000+<\/a>. Claburn, Thomas. The Register. July 31, 2024.<\/li>\n<li><a href=\"https:\/\/securityaffairs.com\/166445\/hacking\/sitting-ducks-attack-technique.html\" target=\"_blank\">Sitting Ducks attack exposes over a million domains to hijacking<\/a>. Paganini, Pierluigi. Security Affairs. August 2, 2024.<\/li>\n<li><a href=\"https:\/\/blogs.infoblox.com\/threat-intelligence\/dns-predators-hijack-domains-to-supply-their-attack-infrastructure\/\">DNS Predators Hijack Domains to Supply their Attack Infrastructure<\/a>. Infoblox Threat Intel. Infoblox. November 14, 2024.<\/li>\n<li><a href=\"https:\/\/www.hpcwire.com\/aiwire\/2026\/04\/09\/anthropic-unveils-project-glasswing-as-claude-mythos-targets-software-vulnerabilities\/\" target=\"_blank\">Anthropic Unveils \u2018Project Glasswing\u2019 as Claude Mythos Targets Software Vulnerabilities<\/a>. AIwire. April 9, 2026.<\/li>\n<\/ul>\n<style>\n.code-format {\nfont-family: 'Courier New';}.image-caption {    font-size: 12px;}.list-spacing li{margin-bottom:20px}ol.list-spacing > li::marker {    font-weight: 700;}.entry-content ul.list-spacing ul > li {    list-style-type: square;}h3.footnotes{font-size:18px;}.footnotes-listing{font-size:14px;}<\/style>\n<p><script>\njQuery('.single h1').html('<span class=\"gradient\">AI, Project Glasswing and DNS<\/span>: Beyond Vulnerabilities');\n<\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Project Glasswing is a genuine step change in cybersecurity. Anthropic\u2019s Claude Mythos Preview model has reportedly uncovered thousands of previously unknown vulnerabilities across major operating systems, browsers and critical software, including a 27\u2011year\u2011old OpenBSD bug, a 16\u2011year\u2011old FFmpeg flaw and chained exploits in the Linux kernel that lead to full system compromise. It is powerful [&hellip;]<\/p>\n","protected":false},"author":177,"featured_media":13354,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[1668,1669,1670,1671],"class_list":{"0":"post-13352","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-ai-cybersecurity","9":"tag-project-glasswing","10":"tag-ai-vulnerability","11":"tag-cybersecurity-automation","12":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>AI, Project Glasswing &amp; DNS Security: Beyond Vulnerabilities<\/title>\n<meta name=\"description\" content=\"Explore how Project Glasswing is reshaping cybersecurity, from zero-day vulnerabilities to DNS misconfigurations\u2014and why automation is critical for defense.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"AI, Project Glasswing &amp; DNS Security: Beyond Vulnerabilities\" \/>\n<meta property=\"og:description\" content=\"Explore how Project Glasswing is reshaping cybersecurity, from zero-day vulnerabilities to DNS misconfigurations\u2014and why automation is critical for defense.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-22T12:55:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ai-project-glasswing-dns-thumbnail.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"408\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Craig Sanderson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"AI, Project Glasswing &amp; DNS Security: Beyond Vulnerabilities\" \/>\n<meta name=\"twitter:description\" content=\"Explore how Project Glasswing is reshaping cybersecurity, from zero-day vulnerabilities to DNS misconfigurations\u2014and why automation is critical for defense.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ai-project-glasswing-dns-thumbnail.jpeg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Craig Sanderson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/\"},\"author\":{\"name\":\"Craig Sanderson\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/01dc95aed5cb12cffacb64848b7f24ca\"},\"headline\":\"AI, Project Glasswing and DNS: Beyond Vulnerabilities\",\"datePublished\":\"2026-04-22T12:55:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/\"},\"wordCount\":1684,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ai-project-glasswing-dns-thumbnail.jpeg\",\"keywords\":[\"AI Cybersecurity\",\"Project Glasswing\",\"AI vulnerability\",\"cybersecurity automation\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/\",\"name\":\"AI, Project Glasswing & DNS Security: Beyond Vulnerabilities\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ai-project-glasswing-dns-thumbnail.jpeg\",\"datePublished\":\"2026-04-22T12:55:26+00:00\",\"description\":\"Explore how Project Glasswing is reshaping cybersecurity, from zero-day vulnerabilities to DNS misconfigurations\u2014and why automation is critical for defense.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ai-project-glasswing-dns-thumbnail.jpeg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ai-project-glasswing-dns-thumbnail.jpeg\",\"width\":612,\"height\":408},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ai-project-glasswing-and-dns-beyond-vulnerabilities\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"AI, Project Glasswing and DNS: Beyond Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/01dc95aed5cb12cffacb64848b7f24ca\",\"name\":\"Craig Sanderson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_177_1571767316-96x96.jpg\",\"url\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_177_1571767316-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_177_1571767316-96x96.jpg\",\"caption\":\"Craig Sanderson\"},\"description\":\"Craig Sanderson is the Principal Cyber Security Strategist at Infoblox. Craig has over 25 years of experience in the CyberSecurity industry with a broad array of roles ranging from consultancy, security architecture, business development and product management. Over the last seven years, Craig has been responsible for creating the vision, strategy and delivered the execution of the Infoblox BloxOne Threat Defense solution. He continues to be passionate about the role that DNS can play in delivering world class cyber security with a particular emphasis on how DNS can become the foundation for national and governmental Protective DNS solutions\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/craig-sanderson\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"AI, Project Glasswing & DNS Security: Beyond Vulnerabilities","description":"Explore how Project Glasswing is reshaping cybersecurity, from zero-day vulnerabilities to DNS misconfigurations\u2014and why automation is critical for defense.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"AI, Project Glasswing & DNS Security: Beyond Vulnerabilities","og_description":"Explore how Project Glasswing is reshaping cybersecurity, from zero-day vulnerabilities to DNS misconfigurations\u2014and why automation is critical for defense.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/","og_site_name":"Infoblox Blog","article_published_time":"2026-04-22T12:55:26+00:00","og_image":[{"width":612,"height":408,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ai-project-glasswing-dns-thumbnail.jpeg","type":"image\/jpeg"}],"author":"Craig Sanderson","twitter_card":"summary_large_image","twitter_title":"AI, Project Glasswing & DNS Security: Beyond Vulnerabilities","twitter_description":"Explore how Project Glasswing is reshaping cybersecurity, from zero-day vulnerabilities to DNS misconfigurations\u2014and why automation is critical for defense.","twitter_image":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ai-project-glasswing-dns-thumbnail.jpeg","twitter_misc":{"Written by":"Craig Sanderson","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/"},"author":{"name":"Craig Sanderson","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/01dc95aed5cb12cffacb64848b7f24ca"},"headline":"AI, Project Glasswing and DNS: Beyond Vulnerabilities","datePublished":"2026-04-22T12:55:26+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/"},"wordCount":1684,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ai-project-glasswing-dns-thumbnail.jpeg","keywords":["AI Cybersecurity","Project Glasswing","AI vulnerability","cybersecurity automation"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/","url":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/","name":"AI, Project Glasswing & DNS Security: Beyond Vulnerabilities","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ai-project-glasswing-dns-thumbnail.jpeg","datePublished":"2026-04-22T12:55:26+00:00","description":"Explore how Project Glasswing is reshaping cybersecurity, from zero-day vulnerabilities to DNS misconfigurations\u2014and why automation is critical for defense.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ai-project-glasswing-dns-thumbnail.jpeg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ai-project-glasswing-dns-thumbnail.jpeg","width":612,"height":408},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/ai-project-glasswing-and-dns-beyond-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"AI, Project Glasswing and DNS: Beyond Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/01dc95aed5cb12cffacb64848b7f24ca","name":"Craig Sanderson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_177_1571767316-96x96.jpg","url":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_177_1571767316-96x96.jpg","contentUrl":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_177_1571767316-96x96.jpg","caption":"Craig Sanderson"},"description":"Craig Sanderson is the Principal Cyber Security Strategist at Infoblox. Craig has over 25 years of experience in the CyberSecurity industry with a broad array of roles ranging from consultancy, security architecture, business development and product management. Over the last seven years, Craig has been responsible for creating the vision, strategy and delivered the execution of the Infoblox BloxOne Threat Defense solution. He continues to be passionate about the role that DNS can play in delivering world class cyber security with a particular emphasis on how DNS can become the foundation for national and governmental Protective DNS solutions","url":"https:\/\/www.infoblox.com\/blog\/author\/craig-sanderson\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/13352","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/177"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=13352"}],"version-history":[{"count":6,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/13352\/revisions"}],"predecessor-version":[{"id":13359,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/13352\/revisions\/13359"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/13354"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=13352"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=13352"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=13352"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}