DNSFilter nabs $30M to fight DNS threats with AI

All the sessions from Transform 2021 are offered on-demand now. Watch now.


DNSFilter, a Washington, D.C.-based provider of DNS content filtering and threat protection options, today announced that it closed a $30 million series A funding round led by investment firm Insight Partners. CEO Ken Carnesi stated that the proceeds, which bring DNSFilter’s total raised to $36 million, will place toward item development and strategic initiatives like partnerships, as nicely as expanding the company’s workforce.

Cisco located in 2016 that 90% of malware applications use DNS to carry out campaigns. And according to IDC, organizations faced an typical of more than nine DNS attacks in 2019, an boost of 34% year-more than-year. Costs went up 49% compared with 2018, which means that one in 5 organizations lost just more than $1 million per attack.

DNSFilter aims to combat the increasing threats with a service developed to safeguard against DNS-originated phishing, malware, ransomware, and more. Its network, which spans across 48 datacenters, offers domain evaluation that is exported to safety reports as nicely as logs.

“I founded DNSFilter after OpenDNS was acquired by Cisco. I owned a managed service provider — still do! — and was a loyal OpenDNS customer. However, as many companies do when they are acquired by major entities: pricing went up, product innovation stagnated, and I could never seem to get any support on the phone,” Carnesi told VentureBeat by way of e mail. “So, I decided to create a more innovative product that had the existing features and capabilities of OpenDNS, but was powered by machine learning.”

AI-driven DNS safety

At a higher level, DNS translates web domain names like “www.example.com” into IP addresses (e.g., 172.10.254.1) to find servers and route information worldwide. The design and style of the DNS is based on trust — that machines on the web are who they say they are. But DNS’ open, distributed architecture tends to make it a profitable target for attack. A malicious actor can use DNS to direct a query to the incorrect internet site or intercept an e mail, for instance. That’s probably why safety analysts at Infoblox in a current whitepaper referred to as DNS “a bellwether for malicious activity.”

According to Carnesi, one of DNSFilter’s most significant focuses is threat identification accuracy. AI is a portion of this — in 2018, the firm acquired Web Shrinker, which supplied internet site screenshot and API services, leveraging machine finding out to determine threats and domains in actual time.

“The way our AI-driven threat identification works is that it scans a domain by simulating a human-driven browser session.  This allows us to spot threats that other tools — which just scan code — do not, because hackers are very clever and will serve different content to scanning bots,” Carnesi explained. “When our AI scans a site, it mimics the type of browser session a real person will have, allowing us to categorize the site more accurately. Once we actually scan the site, we have a number of threat markers that the AI looks for. If the site reaches a certain threshold of these markers, our AI will categorize that site as a threat.”

One of the more exciting points about DNSFilter’s AI is that shoppers are central to the instruction model, Carnesi says. As the platform scans more internet sites, it learns how threats are evolving, and DNSFilter’s safety researchers verify its work — assisting the firm to catch 76% of domain-based threats, Carnesi claims. Beyond this, client information is enabling DNSFiler to discover the idea of DNS fingerprinting, which would let the platform to far better comprehend behavior taking place inside an atmosphere based on the varieties of queries occurring.

“Enterprises need full-scale protection from ransomware and phishing attacks, and securing the DNS layer is one of the best barriers a company can deploy against these attacks. Everything starts with a DNS query — even other security layers rely on DNS to operate. So, when your DNS is not secure as a company, you’re vulnerable,” Carnesi stated. “With more companies choosing remote work long-term, their employees are no longer protected by the internal, network firewall. So they need a solution that protects the endpoints directly.”

DNSFilter presently scans “billions” of domains each day for more than 185,000 finish customers and more than 14,000 brands like Lenovo, Newegg, The Salvation Army, and Nvidia, catching threats an typical of 5 days prior to “static feed” competitors. By the finish of 2021, Carnesi says, DNSFilter will block more than 1.1 million threats just about every 24 hours.

“We’ve been incredibly fortunate that the pandemic has been great for business … Business has increased dramatically as companies have looked for ways to protect their teams while out of the office. The traditional firewall model became very outdated in 2020, so it was a good year for us,” Carnesi stated. “We have customers with offices internationally who only use our threat categories, as they’re seeking peace-of-mind in the age where ransomware and double extortion ransomware are wreaking havoc on businesses.”


Originally appeared on: TheSpuzz

iSlumped