Our First Product Is a DNS Firewall and Web Filter
We started with a DNS Firewall and Web Filtering there is PLENTY of room for improvement with DNS-level security. The new normal is that everyone is working remotely and connecting to cloud apps to do their work. Many organizations will have to re-calibrate their idea of the “network”, and much on-site hardware and appliances will quickly become obsolete. With the explosion of ransomware, organizations are going to have to re-think what they allow their endpoints to connect to and why.
What is a DNS Firewall and Web Filter?
This security solution gives endpoints connecting directly to the Internet protection from the most common delivery of attacks. Most malware requires a host name to be resolved. With the right threat intelligence and configuration, 90% of new malware delivery can be mitigated at the DNS layer. The untold reality is that most DNS Firewall & Web Filtering solutions reduce approximately 50% of threats at DNS alone and require a cloud proxy to mitigate a higher percentage of threats.
With Securd’s solution, you can:
- Mitigate threats in real-time from ransomware, malware, phishing, adware, and more.
- Reduce the privacy exposure of third-parties observing your DNS and web traffic.
- Add increased security, privacy, and productivity without impacting speed or online experience.
- Reduce the cost of backhaul VPN traffic, risk of ransomware payouts, and business disruptions.
How Protection from Securd is Different
- We use a zero-trust security approach to provide you control of a never-ending security challenge.
- We enable customers to create a tenant level grey wall. This type of grey wall creates a trained and timed boundary from the unknown just for your networks, endpoints and end-users.
- We allow you to control the Internet’s continually expanding attack surface on your terms. You will be able to reduce attackers’ infrastructures and opportunities to deploy malware by 90%.
How Our Zero Trust DNS Works
Zero-trust means what it sounds like it does. We score the linkages on the Internet with a trust score and address all the nuances of DNS traffic to maintain our end-users online experience. Based on your risk tolerance and security situation, you can quickly distance your team and your endpoints from the unused and non-trusted Internet without a negative impact on experience or performance. Your users will be able to access the sites they need and trust while Securd stops attacks and delays emerging threats from unknown, new, and untrusted domains.
From our perspective, the overwhelming majority of the valid traffic your endpoints and end-users will ever use on a repeated basis will be in the green figure above and inside our top domains. Inside our top domains is where real-time threat intelligence and quality indicators are paramount to stop bad actors exploiting “trustworthy” and established infrastructure. At this layer, we’re on a global Anycast network in 30+ worldwide, giving users a 10ms secure DNS experience.
Delaying and Disrupting Your Cyber Adversaries
Greywalls are used as a timing mechanism to disrupt standard methodologies by malware, slow access to new phishing sites, and block access to domains with zero histories or reputation. Unlike other web security solutions or using a response policy zone (RPZ) or a newly global observed domain list (NOD), we track observed domains on a per-company basis. The grey wall ensures that any trusted or untrusted area of the Internet has delayed access for that specific company after a learning period. This method enables administrators to implement zero-trust models just for the company and limit the scope of attackers options targeting your company. Greywalling is replicated across our Anycast network in real-time. Whether your endpoints are in the United States or Australia, protection is fully synchronized or released globally in milliseconds. In the figure above, yellow and red are the unknown, unused, and not trusted. In just a few clicks, net new Internet property created is now blocked to the timing of your choosing from 5 mins to 90 days+. New domain registrations, randomly generated domain names, phishing sites, typosquats, etc. are all captured by the same defense.
You now have a simple and yet powerful means to create “your Internet” and establish how quickly these assets get to interact with your endpoints. You are 100% in control of how long you want to train your grey wall, how you set trusted and untrusted scores, and how long you choose to grey wall hosts. As a complete fail-safe for customers who want absolute decision over order the of operation and what is blocked or allowed, global lists are options that can be set at the hostname or domain level.
Security Features Should Not Be Restricted
A core belief we are operating under is the idea every customer should have access to the same security to protect what matters most. That’s the point, right? Whether you are a small business or an enterprise, you will get the same security categories, defenses & edge network performance to protect your team and endpoints. Please check out product page for current features.
We Hope to Become Your First Defense
In the coming months, we expect to meet and exceed any DNS Firewall & Web Filtering capability offered today! We look forward to the working with our future customers, partners and team members. We look forward to working with the information security community and driving innovation and change.
Please follow us on LinkedIn and Twitter @getsecurd to stay informed on our progress, updates, advisories, etc.