Managing DNS Security Threat Categories
DigitalStakeout PDNS offers out-of-the box protection to the following types of malicious domains.
These threat categories are maintained 24x7 and sourced from a global network of real-time threat intelligence including customer reports, partner cyber threat intelligence and proprietary threat detection processes.
DigitalStakeout recommends all these categories be checked for all your policies at all times.
Current Security Category List and Description
Phishing - Domains hosting an active phishing site.
Poor Reputation - Domains controlled by spammers and bad actors.
Zero Reputation - New registered domains and dormant domains.
Domain Algorithm - Domains generated by an algorithm.
Adware - Domains hosting malicious adware.
Bad Nameserver - DNS servers with bad reputation.
Botnet Command - Domains hosting a botnet C&C.
Botnet Resource - Domains hosting a botnet component.
Malware Host - Domains hosting downloadable malware.
Covid Threat - Domains associated to Covid-19 related cyber crime.
Crypto Mining - Domains hosting crypto-mining scripts.
High Risk Networks - Domain hosted on globally blocklisted ip or network.
Public DoH - Public DNS over HTTPS sites.
Typosquatting - Typosquatting domains that target top sites.
Sinkhole Domains - Domains pointing to an intelligence & surveillance sinkhole.
Porn - Domains that host pornographic content.
Related Articles
Default DNS Security Policy Overview
You are in 100% control as to how DigitalStakeout PDNS protects your systems. Below is a detailed overview the your default security policy options. The default security policy is a good starting point for protecting your network and endpoints from ...
Threat Hunting with DigitalStakeout PDNS
A cloud-based DNS firewall, such as DigitalStakeout PDNS, can be an effective tool for threat hunting by security analysts. Here is a step-by-step guide on how a security analyst can use PDNS for threat hunting: Set up PDNS: The first step in using ...
Protective DNS Dashboard Overview
Note: Each company (tenant) has a unique dashboard. Learn more about companies. The DigitalStakeout PDNS dashboard provides administrators with a high-level time-based summary into key security metrics and information about a company's underlying ...
Implicit Deny ALL for DNS Resolution
The principle of least privilege (PoLP), also known as the principle of minimal privilege or the principle of least authority, requires a process or function must be able to access only the information and resources that are necessary for its ...
DNS Acronyms
These acronyms and terms are frequently used when discussing securing DNS. DNS: Domain Name System. This is a system that translates human-readable domain names (such as www.example.com) into numerical IP addresses that computers can use to ...