“We see everything, both internal and external DNS traffic right down to each endpoint on the network. And we can enforce universal security policies at the DNS layer. It’s a game changer for cybersecurity.” –VP, Security Engineering at Mizuho Securities USA
TORONTO, Feb. 18, 2020 /PRNewswire/ — BlueCat, the Adaptive DNS™ company, today announced that Mizuho Securities USA (Mizuho) has unlocked unprecedented visibility and control over all of its DNS activity by deploying an integration of Cisco Umbrella and BlueCat DNS Edge products. The joint solution, developed as part of Cisco’s Security Technology Alliance (CSTA), is deployed to protect all their endpoints and helps enterprises like Mizuho take full advantage of DNS as a control plane for cybersecurity.
“It took us less than a week to deploy this solution and it immediately delivered value to the organization. We can now pinpoint the end-user devices that attempted to access suspicious domains,” said Sandy Kapoor, CTO at Mizuho. “That visibility shaved precious minutes off the average time to investigate incidents by our security operations center (SOC), and limited the number of escalations. The result is a greatly enhanced security posture and real cost and time savings.”
Research suggests that 91% of malware uses the DNS protocol for command and control, data exfiltration or to deliver malicious payloads within a corporate network. Despite this, cybersecurity teams struggle to piece together data from DNS queries to identify and prevent malicious activity. As a result, DNS remains an under-leveraged control plane that could be integrated with other cybersecurity applications like firewalls, web proxies and Security Incident and Event Management (SIEM) tools.
BlueCat’s integration with Cisco Umbrella helps organizations like Mizuho overcome this challenge by:
- Applying Cisco’s powerful threat detection and content filtering capabilities to any endpoint on the network, protecting them from malware, bad domains and other threats.
- Identifying the source of every outbound DNS query, so security teams can quickly pinpoint infected devices and take action to mitigate an attack.
- Seeing every internal “East-West” DNS query – including those that never go through the Cisco Umbrella cloud security platform. This speeds remediation, helps identify ‘patient zero’, and perform device forensics in any cyber-attack.
- Applying policies to internal traffic, limiting access to critical internal services and intellectual property or restricting access for IoT devices.
- Sending all DNS query logs to Mizuho’s SIEM for threat investigation and remediation.
About the Integration
The BlueCat DNS Edge integration with Cisco Umbrella fortifies network defenses, providing visibility and context into all internal and external traffic to find threats faster and prevent downtime. BlueCat DNS Edge is a security application that sits at the first hop of any network query, acting as the initial recursive server for all internal DNS records. This gives direct visibility into both the source IP as well as the “East-West” queries. This happens through lightweight service points which can be deployed quickly across the enterprise.
BlueCat is the Adaptive DNS™ company. The company’s mission is to help the world’s largest organizations thrive on network complexity, from the edge to the core. To do this, BlueCat re-imagined DNS. The result – Adaptive DNS™ – is a dynamic, open, secure, scalable, and automated resource that supports the most challenging digital transformation initiatives, like adoption of hybrid cloud and rapid application development. Learn more at www.bluecatnetworks.com.