Threat Intelligence with Infoblox ActiveTrust | DDI (Secure DNS, DHCP, and IPAM) | Infoblox

PROACTIVELY DETECT AND CONTAIN CYBERATTACKS WITH ACTIVETRUST®

PROACTIVELY DETECT AND CONTAIN CYBERATTACKS WITH ACTIVETRUST

“Within two hours, Infoblox supplied members of the community with a series of high priority action alerts containing confirmed threat indicators.”

ActiveTrust® enables organizations to proactively detect and prevent cyber threats. Infoblox ActiveTrust® bundles Infoblox DNS Firewall, Infoblox Threat Insight in the Cloud, Infoblox Threat Intelligence Data Exchange (TIDE) and Infoblox Dossier. The solution prevents data exfiltration and malware C&C communications via DNS, centrally aggregates curated internal and external threat intelligence, distributes threat data to the customer’s existing security infrastructure and expedites threat investigation through triage and context.

Using Infoblox ActiveTrust®, organizations can:

  • Prevent DNS based data exfiltration at scale by moving it to the cloud
  • Prevent DNS based Command and Control (C&C) and botnet communications (DNS Messenger, DGA, Fast Flux)
  • Acquire curated threat intelligence from internal and external sources and selectively distribute data
  • Quickly investigate threat indicators for context and prioritization
  • Expedite threats remediation by sharing curated threat intelligence in real time with existing security systems including next generation firewalls, SIEM, web proxies
  • Extends the unique visibility we have into DNS such as indicators of compromise (IoCs) to other security systems (including NAC, SIEM and vulnerability scanner)

Proactively Detect and Prevent DNS Based Data Exfiltration and Malware C&C Communications

Most Internet communications, including malware, rely on DNS. Attackers are taking advantage of DNS to exfiltrate data and as a malware control point. Over 91% of malware uses DNS to communicate with the command and control (C&C) server or redirect traffic to malicious sites. Existing security controls, such as firewalls, email proxies and Web proxies, rarely focus on DNS and associated threats. DNS is as critical a protocol as web and email and as such justifies the need for a dedicated solution for early detection and for sharing valuable network context with the broader ecosystem to accelerate response.

With Infoblox DNS Firewall and Threat Insight in the Cloud you gain proactive network protection against data exfiltration and fast-evolving, elusive malware threats that exploit DNS to communicate with command and control (C&C) servers and botnets.

Proactively Detect and Prevent Malware C&C Communications via DNS with Infoblox DNS Firewall

Proactively Detect and Prevent Malware C&C Communications via DNS with Infoblox DNS Firewall

Proactively Detect and Prevent DNS Based Data Exfiltration and Malware C&C Communications

Most Internet communications, including malware, rely on DNS. Attackers are taking advantage of DNS to exfiltrate data and as a malware control point. Over 91% of malware uses DNS to communicate with the command and control (C&C) server or redirect traffic to malicious sites. Existing security controls, such as firewalls, email proxies and Web proxies, rarely focus on DNS and associated threats. DNS is as critical a protocol as web and email and as such justifies the need for a dedicated solution for early detection and for sharing valuable network context with the broader ecosystem to accelerate response.

With Infoblox DNS Firewall and Threat Insight in the Cloud you gain proactive network protection against data exfiltration and fast-evolving, elusive malware threats that exploit DNS to communicate with command and control (C&C) servers and botnets.

Manage and Distribute Verified Threat Intelligence With the Flexible Infoblox Threat Intelligence Data Exchange (TIDE)

Manage and Distribute Verified Threat Intelligence With Infoblox Threat Intelligence Data Exchange (TIDE)

Infoblox TIDE enables the collection, aggregation, and management of threat data from internal sources and multiple external sources including Department of Homeland Security’s Automated Indicator Sharing (AIS) feeds . In addition, TIDE enables the selective dissemination of curated threat data to your existing security infrastructure such as the Infoblox DNS Firewall, SIEMs, next generation firewalls, web proxies, vulnerability management systems, end point security and more to protectively remediate and prevent future attacks.

Save Time and Money With a Comprehensive Investigation Tool – Infoblox Dossier

Infoblox Dossier is a threat indicator research tool that gives contextual information from several sources simultaneously to prioritize threats. It empowering users to make accurate decisions quickly and with greater confidence. Search results are all displayed in a clean, consolidated interface. By using Dossier, customers save up to 30% of the time spent in threat analysis. Dossier is an affordable solution and pricing is based on usage.

Save Time and Money With a Comprehensive Investigation Tool – Infoblox Dossier

Infoblox Dossier is a threat indicator research tool that gives contextual information from several sources simultaneously to prioritize threats. It empowering users to make accurate decisions quickly and with greater confidence. Search results are all displayed in a clean, consolidated interface. By using Dossier, customers save up to 30% of the time spent in threat analysis. Dossier is an affordable solution and pricing is based on usage.

THE INFOBLOX DIFFERENCE

Infoblox ActiveTrust® delivers Actionable Network Intelligence (ANI) with flexible threat intelligence integrated into your DDI environment. You can therefore proactively detect, investigate, prioritize, remediate and prevent cyberthreats.

THE INFOBLOX DIFFERENCE

Infoblox ActiveTrust® delivers Actionable Network Intelligence (ANI) with flexible threat intelligence integrated into your DDI environment. You can therefore proactively detect, investigate, prioritize, remediate and prevent cyberthreats.

KEY FEATURES

Prevent DNS Based Data Exfiltration and Malware Propagation

Leverage Infoblox Threat Insight in the Cloud and Infoblox DNS Firewall in preventing data exfiltration malware communications with C&C sites

Hasten Threat Investigation

Allows security researchers to investigate threats using threat context and inputs from multiple sources, enabling them to prioritize threats and take action quickly

Centrally Collect and Manage Threat Data

Collect curated threat intelligence data from internal and external third party sources

Distribute Threat Data Throughout the Infrastructure

Easily deploy, threat data using API and pre-built integrations with existing security infrastructure, to remediate threats and prevent future attacks

KEY FEATURES

Prevent DNS Based Data Exfiltration and Malware Propagation

Leverage Infoblox Threat Insight in the Cloud and Infoblox DNS Firewall in preventing data exfiltration malware communications with C&C sites

Hasten Threat Investigation

Allows security researchers to investigate threats using threat context and inputs from multiple sources, enabling them to prioritize threats and take action quickly

Centrally Collect and Manage Threat Data

Collect curated threat intelligence data from internal and external third party sources

Distribute Threat Data Throughout the Infrastructure

Easily deploy, threat data using API and pre-built integrations with existing security infrastructure, to remediate threats and prevent future attacks

RELEVANT SOLUTIONS

Data Protection and Malware Mitigation
Protect users and data

Infrastructure Protection
Maintain higher availability even under cyberattacks

IT Compliance
Ensure compliance with automation and intelligence

Analyze your DNS configuration to determine your DNS risk score

[contact-form-7 id="10507" title="Contact form 1"]