London, UK – April 4, 2017 – SOC Prime warns about the risks of DNS protocol usage and the necessity to secure your network against them. Most organizations across the globe use DNS, but at the same time it is extremely difficult to control this protocol, because only expensive and rarely used tools can analyze the data contained in DNS packages. This opens the way for hackers to use DNS tunneling. This protocol is a dangerous attack vector through the possibility of including data in DNS requests, and only extremely large organizations can resist it. We offer DNS Security Check (https://my.socprime.com/en/ucl/dns/) for ArcSight, QRadar and Splunk to find possible anomalies and incorrectly configured IT equipment that sends suspicious DNS queries in your corporate network.
You can use the basic version of this SIEM Use Case free of charge to find and identify key issues of the protocol in your organization. With DNS Security Check, you will be able to detect requests to non-corporated DNS servers, DNS packages of anomalously large sizes and presence of botnet traffic at your network. This Use Case and your SIEM system can ensure the security of DNS communications and mitigate risks of DNS usage. Register for Use Case Library to get this and other Use Cases absolutely free.