DETECTION OVERVIEW
Risk Factors
To help secure the network, workstations are often configured to communicate with approved DNS servers. DNS-based attacks include redirecting traffic to malicious domains or beaconing to a command-and-control server through a DNS tunnel. Misconfigured clients, mobile devices, or guest devices on your network might communicate with unknown public DNS servers. The impact to a business can be low, but this activity should be examined before it enables critical and costly attacks.
Kill Chain
Risk Score
42
Configure all workstations to send queries to an internal DNS server that filters or blocks suspicious domains.
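The check described above, sketched as an added example (not code from the original page or from any product): it scans flow records for internal clients that send DNS traffic to a server outside the approved list. The resolver addresses, the internal range, and the record layout are all assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# Assumptions (constructed for this example): approved resolvers,
# internal address ranges, and the flow-record layout.
APPROVED_RESOLVERS = {"10.0.0.53", "10.0.1.53"}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample records: "timestamp src_ip dst_ip proto dst_port"
SAMPLE_FLOWS = """\
2024-05-01T09:00:01Z 10.0.20.14 10.0.0.53 udp 53
2024-05-01T09:00:02Z 10.0.20.15 198.51.100.7 udp 53
2024-05-01T09:00:03Z 10.0.20.15 198.51.100.7 udp 53
2024-05-01T09:00:04Z 10.0.0.53 203.0.113.9 udp 53
2024-05-01T09:00:05Z 10.0.30.8 203.0.113.9 tcp 53
2024-05-01T09:00:06Z 10.0.20.14 198.51.100.7 tcp 443
malformed line
"""

def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETS)

def find_unapproved_dns(lines):
    """Count DNS flows per (client, server) where the server is not approved."""
    hits = Counter()
    for line in lines:
        parts = line.split()
        if len(parts) != 5:
            continue  # skip records that do not match the layout
        _, src, dst, proto, port = parts
        if port != "53" or proto not in ("udp", "tcp"):
            continue  # only classic DNS over port 53 is considered here
        try:
            src_addr = ipaddress.ip_address(src)
            ipaddress.ip_address(dst)
        except ValueError:
            continue  # skip records with unparseable addresses
        if not is_internal(src_addr):
            continue
        # Approved resolvers legitimately forward queries upstream.
        if src in APPROVED_RESOLVERS or dst in APPROVED_RESOLVERS:
            continue
        hits[(src, dst)] += 1
    return hits

if __name__ == "__main__":
    for (client, server), n in find_unapproved_dns(SAMPLE_FLOWS.splitlines()).items():
        print(f"{client} -> unapproved DNS server {server}: {n} flow(s)")
```

This sketch matches port 53 only; DNS over TLS or HTTPS uses other ports and needs separate handling.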