HardenStance Briefing – Where’s DNS in the XDR Roadmap?
Where’s DNS in the XDR Roadmap?
- Whether it’s managed from a SIEM, the endpoint itself, or a dedicated XDR platform, endpoint data inevitably features at the heart of first phase XDR implementations.
- As XDR architectures and portfolios evolve to ingest more data and use that data more effectively, security teams and their vendors should consider how DNS detection and response (DNSDR) can enhance XDR – and where to source it from.
- Providing enriched context around malicious domains; DNS tunnelling events; command and control messages; suspicious domains and lookalike domains are among the high value features of an effective integration of DNSDR into XDR.
If your Download does not start Automatically, Click Download Whitepaper