Accelerates Holistic Threat Detection and Response

DNSFilter today announced the availability of Data Export, a new feature allowing security teams to accelerate strategies for holistic threat detection and response in the enterprise. Data Export automates the export of DNSFilter query log data to leading Security Information and Event Management (SIEM) and security monitoring solutions to be aggregated, analyzed, and actioned with multiple data sources.

DNSFilter Accelerates Holistic Threat Detection and Response in the Enterprise with Data Export

“The sheer amount of data in modern enterprise environments makes it challenging for security teams to ingest security-related data at scale, manage security tools effectively, and take action against advanced threats,” said Steve Staden, Senior Director of Product Management, DNSFilter. “With Data Export, we are streamlining the process of exporting data from an organization's largest attack vector: the Internet itself, to leading security monitoring solutions. This reduces manual burden and provides visibility into DNS to create the full security picture for organizations.”

Security teams are increasingly adopting technologies that provide the ability to ingest, correlate, search, and action data from across the entire enterprise and cloud attack surface in a centralized location. Today, more than 70% of cyberattacks involve the Domain Name System (DNS) layer. Data Export automates the process of exporting query log data from DNSFilter’s AI-powered DNS security solution to Splunk and Amazon S3 buckets. S3 can then be used as an intermediary for SIEM and SOAR products from AlienVault, Datadog, LogRhythm, Loggly, Perch, Rapid7, and more. Data is exported in near real time and analyzed alongside additional security events and data sources to provide visibility across enterprise environments and respond to threats. Key benefits include:

• Automated export: Security teams no longer need to manually export DNS layer data into a security monitoring solution. More than 25 categories of query log data including domain name, request address, server address, and more are automatically exported, saving significant time and resources.
• Long-term search: Finding hidden threats requires the ability to continuously run new analysis on historical data. Data Export allows security teams to retain and analyze historical DNSFilter data in their security monitoring solution.
• Single pane of glass: DNSFilter data can be aggregated alongside all endpoint, cloud workload, and additional enterprise data sources to correlate events and take action in a single location.

DNSFilter will be demonstrating its new Data Export feature at RSAC 2022 in San Francisco, CA, June 6-9 at Booth #3301. Meet the DNSFilter team at RSA.

‍