The Domain Name System (DNS) is like the internet’s phone book, automatically and near-instantly translating requests for websites and mobile apps from their domain names to the Internet Protocol addresses of the actual computers hosting them. As part of the bedrock of the internet, DNS and domain name lookup are also prime vehicles for threat actors to launch cyberattacks, so DNS-based protections can act as an important early layer of defense against cyberattacks.
Using DNS to advance cyberattacks is a serious threat, and Infoblox indicated 92% of malware uses DNS for command and control communication in a study published this year. To support the security choice of our customers, we’re partnering with Infoblox to deliver DNS Armor, a cloud-native DNS security service available now in preview.
DNS Armor provides preemptive threat detection for internet-bound DNS queries initiated from Google Cloud workloads. It complements our existing cloud-first network security product portfolio by offering a foundational security layer that identifies DNS-based threats, including requests to malicious command and control (C2) servers, DNS tunneling for sensitive data exfiltration, and malware using DNS query.
DNS Armor benefits from Infoblox’s preemptive DNS threat defense, which analyzes over 70 billion DNS events every day, and adds 4 million new threat indicators to their database every month. This preemptive approach to detection using DNS event analysis helps identify DNS-based threats 68 days earlier than complimentary security tools.
“As a customer of both Infoblox and Google Cloud, we’re excited about the transformative potential of this collaboration. Google Cloud’s DNS Armor, powered by Infoblox, is a leap forward in cybersecurity, combining the strengths of both companies to deliver visionary, proactive threat defense,” said Alfredo Rodriguez, vice president, Cloud Platform Infrastructure, Sabre Corporation.
