Use Case 2: Reduce Attack Surface/IoT

Reduce Attack Surface with DNS

Security architects and IT operations staff are constantly challenged to limit access to sensitive data and lock down vulnerabilities in IoT and mobile devices. DNS is a powerful but often unmonitored protocol that is often wide open to external threats. Adversaries routinely exploit vulnerabilities in DNS to gain access to critical data. Studies show that 91% of malware use DNS for command & control within seconds of infection.

Thankfully, with the right vulnerability management tools you can minimize the attack surface that DNS presents to potential adversaries.

That’s where DNS Edge comes in.

DNS Edge makes it easy to set security controls and eliminate DNS as an attack vector. Edge is quick and effective, it enables security architects to create granular policies that establish least-privilege access at the DNS level, dramatically reducing your digital attack surface.

Lock Down and Limit IOT

BlueCat DNS Edge

Let’s take a closer look at DNS Edge in action.

Here’s a use case from the retail industry, but it could really apply to any organization which leans on IoT and other connected devices.

Today’s retail stores have a ton of connected devices – from security cameras to point of sale machines to inventory sensors. These devices are constantly using DNS to query the network and push information out, and usually do the same thing every day.  That’s a significant software attack surface.

What happens when one of those devices gets hacked? It will probably deviate from its normal behavior pattern. Instead of querying the security server, a remote camera might look for something on the finance server. You’d only know this was happening if you were looking at DNS.

BlueCat DNS Edge

DNS Edge policy control can limit all the devices in a retail outlet to just the data and services they need to access. All attempts to reach outside domains or services from these POS devices will be blocked, preventing a breach and alerting security teams in real time that these devices are likely infected.

This is just one real world example – each industry and organization has unique needs for attack surface reduction – and unique ways that DNS Edge can help.

You probably have more questions. We have answers to those questions.

Contact us to learn more about the capabilities of DNS Edge.