How do your security services work?

To understand how our services work, you first have to understand a bit about DNS. If you already know this stuff, please skip to the next paragraph. DNS is like the “phonebook” computers use to find each other over the Internet. Computers connect to each other using strings of numbers called IP addresses, but humans aren’t really good at remembering arbitrary strings of numbers. So one day a couple of pretty smart dudes (Paul Mockapetris and Jon Postel) invented something called the “Domain Name System” or DNS. This meant that people only needed to remember some names (e.g. Google or Yahoo or Pornhub) to be able to connect their computers to those servers.

“Computer viruses”, in the sense of code that gets on your computer and messes your stuff up for no reason, essentially no longer exist. We haven’t seen “viruses” in any real number since around 2006. What replaced viruses is malicious software, aka “malware”. And by replaced we mean an average of over 100K new ones per day! (Hash-unique samples, for you nerds.)

Malware goes by many other names in a marketing-driven security industry: Trojans, RATs, droppers, bot code, and many, many more. We personally stopped listening to the marketing babble after APT became the new term. At the end of the day it is all the same badness. It is code that gets on your computer without your permission or through subterfuge, and hides or pretends to be legitimate while collecting your data.

The malware then communicates with its creator to receive new instructions or to deliver the personal data it has stolen from you. We call this the Command and Control, or C2, functionality. Of all those millions of malware samples we have seen in the last several years, over 90% use DNS to locate their command and control. By preventing the DNS lookups for the millions of domains we know to be C2-related, we can make you more secure. By analyzing the who, what, where, when, and why of every domain registration each day (for over 5 years), we can quite accurately predict domains that will become C2 and prevent your computer from connecting to them too. The same goes for phishing domains, malicious advertising networks, and much, much more. If you would like more information on how our DNS-based security intelligence works, please email us.
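The blocking step described above, sketched as an added example (not the service's own code): a resolver-side policy check that refuses any query whose name falls under a listed domain. The blocklist entries, function names and the choice of an NXDOMAIN answer are assumptions made for illustration.

```python
# Added illustration: DNS blocklist policy check with label-boundary matching.
# All domains below are constructed samples under reserved TLDs.
BLOCKLIST = {"c2.example", "phish.example.net"}


def normalize(qname):
    """Lower-case the name, drop the trailing root dot, IDNA-encode it."""
    name = qname.strip().rstrip(".").lower()
    try:
        return name.encode("idna").decode("ascii")
    except UnicodeError:
        # Malformed label: fall back to the plain lower-cased form.
        return name


def blocked_by(qname, blocklist=BLOCKLIST):
    """Return the blocklist entry covering qname, or None.

    The name itself and every parent domain are checked, so subdomains of
    a listed domain are caught. Matching is done on whole labels, so
    'notc2.example' is NOT treated as a hit for 'c2.example'.
    """
    labels = normalize(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None


def resolve_policy(qname):
    """Decide what the resolver does with a query (assumed policy)."""
    hit = blocked_by(qname)
    return ("NXDOMAIN", hit) if hit else ("FORWARD", None)


# Constructed sample queries, as a resolver might see them.
SAMPLE_QUERIES = [
    "Beacon.C2.Example.",      # subdomain of a listed domain, mixed case
    "notc2.example",           # shares a suffix string, different label
    "c2.example.com",          # listed name used as a prefix elsewhere
    "login.phish.example.net", # subdomain of a listed phishing domain
    "www.example.org",         # unrelated
]

if __name__ == "__main__":
    for q in SAMPLE_QUERIES:
        action, rule = resolve_policy(q)
        print(f"{q:28} {action:9} {rule or ''}")
```

Logging the matched entry alongside each refused query also gives a record of which machine tried to reach which listed domain.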
