Live Demo: DNS Command and Control, DNS Leak, Botnet Detection, and more
SAN DIEGO, CA – June 08, 2015 – Plixer International, a leading network incident response and flow forensics company, announced today at CiscoLive 2015, new threat discovery algorithms for their FlowPro Defender, a security appliance which also produces IPFIX from network traffic.
The new functionality provides network and IT professionals additional insight into malicious activities that have high-jacked the Domain Name System (DNS). “DNS TXT messages provide a means of sending information into and out of your protected network over DNS, even when you have blocked use of an external DNS server,” says John Jerrim, Director of Cyber Forensics at Plixer. “Being able to detect misuse of the DNS protocol will allow you to stop the exfiltration faster.
End systems involved with suspicious DNS communications or participating in other unwanted behaviors end up with a higher Threat Index™ and, over time, a threshold can be reached – triggering notification. By correlating IP addresses with authentication systems such as Microsoft Active Directory or Cisco ISE, the Plixer cyber threat detection system ensures that customers can associate actual usernames to the ends systems involved. Plixer’s suite of security appliances includes Scrutinizer, Flow Analytics, FlowPro Defender, and the Flow Replicator. When combined, the systems compile, weigh, and correlate a series of events that, over time, uncover behaviors that often positively identify low-and-slow infections or misconfigured systems.
To learn more about FlowPro Defender and its advanced flow and DNS security algorithms, reach out to our team to schedule a product demonstration, or visit us at booth 1501 at the show.
Plixer International, Inc. is a leading threat detection and flow forensics provider focused at engineering the incident response system for uncovering unwanted communication behaviors. Rather than depending on packet signatures, their strategy uncovers unwanted communications by leveraging NetFlow, IPFIX, sFlow and other derivatives. The company was built by network and system engineers who understand the need for scalable distributed collection solutions that meet the dynamic demands of security and network professionals. Customers include CNN, The Coca-Cola Company, Lockheed Martin, IBM, Regal Cinemas, Raytheon, and Eddie Bauer. To learn more, please visit https://www.plixer.com.
Published in Press Releases 2015