DNS Threat Assessment Tool PILOT

DNS is a primary tool in a threat operator's arsenal and at the heart of the C&C infrastructure. Do you want insight into your DNS to see which threat actors are using your DNS to attack and compromise your internal network assets? Damballa’s DNS Threat Assessment tool will do exactly that. Not only who (which threat operators) but where they are going.

Monitoring 15% of the world's DNS internet activity provides massive insights into how threat operators work, the tactics they use to compromise corporate assets, and their C&C infrastructure. Damballa’s Threat Discovery Center (TDC) is able to use this big data to track operator groups, their intent, crimeware tools, and always changing Command and Control infrastructure.

You can quickly and easily get access to the TDC threat intelligence and uncover which threat operators are using your DNS to control or compromise assets inside your network.

We are launching a new DNS Threat Assessment tool and are looking for pilot customers. It takes 15 minutes to setup the pilot and it runs touch­free. It will be provided for pilot customers for 2 weeks free of charge.

​At the end of the 2 week assessment you will receive:

​DNS Threat Assessment:

  • Threat Actors active inside the network:
    • ​​Volume of malicious DNS activity
  •  Detailed information about threat actors, including:
    • Date first seen globally
    • Worldwide prevalence/size of threat actor
    • How they usually work inside an organization if available
    • The types of information the actor is after if available
    • General AV Coverage against actors from leading AV engines
    • Representation of the current command and control network
    • Count of malicious DNS queries
How it all works
  • You will simply redirect all or a portion of your DNS traffic to our DNS server as the ‘primary’ for 2 weeks.
  • Directions will be provided for the 3 most common DNS systems (Microsoft, Bind) how to point DNS to us.
  • It will also include instructions to use Damballa as “Primary” and add a “Secondary” DNS server as a backup to ensure uninterrupted internet.
  • Redirecting DNS will require a minimal time investment with little or no downtime for team.
  • Once configured, we will collect DNS data for 2 weeks, and generate a simple report for you.
  • You can stop the assessment at anytime by simply changing “Primary” DNS back to original setting.

If you are interested in participating in this free DNS Threat Assessment Tool pilot, please fill out the form here. No commitment is required at this time. You will receive additional details when the pilot is launched.

Please complete the form.