BlueCat DNS Edge Pounces on Insider Threats
The solution uses DNS data to detect suspicious behavior within enterprise networks.
Toronto-based enterprise DNS (domain name system) security vendor BlueCat recently released a new product that offers businesses a way to discover and block insider threats originating from practically every type of device on a network.
One of the main challenges of safeguarding corporate networks in the Internet of Things (IoT) era is the sheer variety of connected devices. As businesses load up with sensors, cameras and other "things" that pour data into the networks, IT security teams often contend with non-standard or potentially unsecure architectures.
Administrators are often left in the dark concerning the technical capabilities of the connected devices that are invading their environments. By now, enterprises are well accustomed to deploying a Windows patch to a company's PC fleet after a vulnerability is discovered. Dealing with large numbers of flawed or compromised IoT devices from innumerable vendors is another matter.
Relying on the ubiquity of DNS, BlueCat's new DNS Edge product can detect and block potentially dangerous threats that originate from IoT devices and every other device connected to a network.
The cloud-managed solution piggybacks on an organization's existing DNS infrastructure.
"BlueCat DNS Edge is the first DNS security solution with the flexibility to deploy anywhere businesses need it – on premise, in the cloud, and as a core part of IoT architectures," said Andrew Wertkin, chief product and technology officer at BlueCat in a statement. "Once deployed, DNS Edge can identify and remediate threats, provide forensics for the security operations center, and deliver device-specific telemetry without the need to deploy any agent or client on the devices."
Businesses today are watchful of DNS systems, a critical part of how the internet and many enterprise networks operate, due to recent high-profile incidences involving distributed denial of service (DDoS) attacks. BlueCat uses DNS to strengthen security instead.
It analyses DNS data for patterns of unusual behavior, weather a device communicates with external networks or other devices within its own network. This capability can help businesses spot insider threats.
"The vast majority of data breaches are caused by internal 'bad actors' – people and devices accessing protected data. Every company has access to core DNS data that can predict and prevent these security incidents," said Michael Harris, CEO of BlueCat, in a statement.
BlueCat DNS Edge is available now and complements the company's DNS Integrity suite of network services.