paloaltonetworks:dns_security
This is an old revision of the document!
Table of Contents
Palo Alto Networks DNS Security
Data Sources
- Passive DNS
- URL Filtering
Details
- Response in <100 Milliseconds
- More than 30 third-party sources of threat intelligence to enrich data and ensure you have coverage
- Does not require change to DNS Infrastructure
- Cannot be bypassed by using other resolvers
- 40% more threat coverage than other leading vendors
- Stops newly registered domains 6x faster than publicaly avaialble scanners
URL Categories Blockable
- Ad Tracking
- Command and Control
- Dynamic DNS Hosted
- Grayware
- Malware
- Newly Registered Domains (NRD)
- Parked
- Phishing
- Proxy Avoidance & Anonymizers
DNS Techniques
- Dangling DNS (PAN only)
- WildCard DNS (PAN only)
- NXNS Attack (PAN only)
- CNAME Cloaking
- Ultra-Slow DNS Tunneling
- Data Theft
- DNS Tunneling
- DNS Infiltration
- Compromised DNS Zone
- DNS Rebinding
- Strategically Aged Domains
- Domain Squating
- Domain Generation Algorithm (DGA)
- Dictionary DGA
- Fast Flux Domains
- DNS Rebinding Attacks
- Dangling SNA Attacks
paloaltonetworks/dns_security.1688452976.txt.gz · Last modified: by bstafford