Managing DNS Security Threat Categories
Securd offers out-of-the-box protection against the following types of malicious domains.
These threat categories are maintained 24x7 and sourced from a global network of real-time threat intelligence including customer reports, partner cyber threat intelligence and proprietary threat detection processes.
Securd recommends keeping all of these categories checked in every policy at all times.
Current Security Category List and Description
Phishing - Domains hosting an active phishing site.
Poor Reputation - Domains controlled by spammers and bad actors.
Zero Reputation - Newly registered domains and dormant domains.
Domain Algorithm - Domains generated by an algorithm.
Adware - Domains hosting malicious adware.
Bad Nameserver - DNS servers with bad reputation.
Botnet Command - Domains hosting a botnet C&C.
Botnet Resource - Domains hosting a botnet component.
Malware Host - Domains hosting downloadable malware.
Covid Threat - Domains associated with Covid-19 related cyber crime.
Crypto Mining - Domains hosting crypto-mining scripts.
High Risk Networks - Domains hosted on a globally blocklisted IP or network.
Public DoH - Public DNS over HTTPS sites.
Typosquatting - Typosquatting domains that target top sites.
Sinkhole Domains - Domains pointing to an intelligence & surveillance sinkhole.
Porn - Domains that host pornographic content.