Using Billions of DNS Records to Secure Internet Access
At DigitalStakeout, we’re sitting on billions of fresh DNS data points. We see an unprecedented spike in cybercrime. We decided to solve a long unsolved security problem – poor DNS security. We created the Securd brand to provide security & IT teams best-of-breed, simple, scalable protective DNS security that is easy to deploy and mitigates cyber risk long term.
We started with a protective DNS because there is PLENTY of room for improvement with DNS-level security. The new normal is that everyone is working remotely and connecting to cloud apps to do their work. Many organizations will have to re-calibrate their idea of the “network”, and much on-site hardware and appliances will quickly become obsolete. With the explosion of ransomware, organizations are going to have to re-think what they allow their endpoints to connect to and why.
What is Protective DNS?
DigitalStakeout Securd gives endpoints connecting directly to the Internet protection from the most common delivery of attacks. Most malware requires a host name to be resolved. With the right threat intelligence and configuration, 90% of new malware delivery can be mitigated at the DNS layer. The untold reality is that most DNS filtering solutions reduce approximately 50% of threats at DNS alone and require a cloud proxy to mitigate a higher percentage of threats.
With DigitalStakeout’s solution, you can:
- Mitigate threats in real-time from ransomware, malware, phishing, adware, and more.
- Reduce the privacy exposure of third-parties observing your DNS and web traffic.
- Add increased security, privacy, and productivity without impacting speed or online experience.
- Reduce the cost of backhaul VPN traffic, risk of ransomware payouts, and business disruptions.
How DNS Protection from Securd is Way Different
- We use a zero-trust security approach to provide you control of a never-ending security challenge.
- We enable customers to create a tenant level grey wall. This type of grey wall creates a trained and timed boundary from the unknown just for your networks, endpoints and end-users.
- We allow you to control the Internet’s continually expanding attack surface on your terms. You will be able to reduce attackers’ infrastructures and opportunities to deploy malware by 90%.
How Our Zero Trust DNS Works
Zero-trust means what it sounds like it does. We score the linkages on the Internet with a trust score and address all the nuances of DNS traffic to maintain our end-users online experience. Based on your risk tolerance and security situation, you can quickly distance your team and your endpoints from the unused and non-trusted Internet without a negative impact on experience or performance. Your users will be able to access the sites they need and trust while Securd stops attacks and delays emerging threats from unknown, new, and untrusted domains.
From our perspective, the overwhelming majority of the valid traffic your endpoints and end-users will ever use on a repeated basis inside our top trusted domains. Inside our top trusted domains is where real-time threat intelligence and quality indicators are paramount to stop bad actors exploiting “trustworthy” and established infrastructure.
Delaying and Disrupting Your Cyber Adversaries
Greywalls are used as a timing mechanism to disrupt standard methodologies by malware, slow access to new phishing sites, and block access to domains with zero histories or reputation. Unlike other web security solutions or using a response policy zone (RPZ) or a newly global observed domain list (NOD), we track observed domains on a per-company basis. The grey wall ensures that any trusted or untrusted area of the Internet has delayed access for that specific company after a learning period. This method enables administrators to implement zero-trust models just for the company and limit the scope of attackers options targeting your company. Greywalling is replicated across our Anycast network in real-time. Whether your endpoints are in the United States or Australia, protection is fully synchronized or released globally in milliseconds. In just a few clicks, net new Internet property created by bad actors is blocked to the timing of your choosing from 5 mins to 90 days+.
Block Newly Registered Domains to Misspelled Domains
You now have a simple and yet powerful means to create “your Internet” and establish how quickly these assets get to interact with your endpoints. You are 100% in control of how long you want to train your grey wall, how you set trusted and untrusted scores, and how long you choose to grey wall hosts. As a complete fail-safe for customers who want absolute decision over order the of operation and what is blocked or allowed, global lists are options that can be set at the hostname or domain level.
Security Features Should Not Be Restricted
A core belief we are operating under is the idea every customer should have access to the same security to protect what matters most. That’s the point, right? Whether you are a small business or an enterprise, you will get the same security categories, defenses & edge network performance to protect your team and endpoints.
Make DigitalStakeout Securd Your First Defense
DigitalStakeout Securd meets and exceed any DNS Firewall & Web Filtering capability offered today! We look forward to the working with our future customers, partners and team members. We look forward to working with the information security community and driving innovation and change.