Viruses, Trojans, or drive-by downloads. Whatever you name them, “zero-day” malware variants regularly bypass firewalls and antivirus.
“Okay, but my firewall or antivirus provider says they now have signature-less technology to detect advanced malware.”
OpenDNS is not seeking to replace products that try to detect threats by spotting what they look like. OpenDNS’s approach is to block the DNS queries to Internet infrastructure that are used to deliver malware. We find that attackers often reuse the same domain names, DNS nameservers, and IP address spaces to deliver many malware variants and different attacks.
Stop even evasive malware without sacrificing performance
Sophisticated attackers have the luxury of testing their threats against our security solutions. They learn how to adapt malware to evade the latest security products. For example, delayed actions, user interactions, and even self-assembling code are often used to hide from behavior-based sandboxes. Organizations respond by building and buying even “better” detection tools—but at what cost? How much system memory or network latency must be sacrificed to detect targeted attacks? OpenDNS’s approach is agnostic to the behavior of advanced malware. By leveraging the Internet’s existing infrastructure cloud-based security is used to block both basic viruses and complex Trojans.
Reroute your employees around malvertising
Many don’t realize it, but visiting a website triggers interactions with dozens to hundreds of other Web servers without your consent—most as a result of online ads. This is problematic as the chain of intermediaries used to deliver ads is increasingly exploited by criminals. Dozens of the largest ad networks have been compromised including DoubleClick (Google) and YieldManager (Yahoo!). And the biggest Web properties including Facebook, YouTube, MLB, and NYTimes have been impacted. OpenDNS stops malvertising by seeing every silent browser interaction and blocking malicious redirections.
Avoid fraudulent sites that phish your employees
Today’s targeted spear phishing can fool even trained security professionals. And despite programs to make employees aware of best practices, they still use the same passwords to access corporate apps. In 2006, ODNS created and still operate PhishTank—the first and most successful collaborative clearinghouse for phishing information on the Internet. And now we use our big data analytics to predict where phishing sites will emerge.
Data scientists, threat researchers, infrastructure engineers
The OpenDNS Security Labs team takes a predictive approach to security. Our goal is to continually innovate ahead of the pace of technology change and build the best malware protection and security platform possible without sacrificing performance. By analyzing 80 billion or more queries a day, ODNS blocks more than 80,000,000 malicious requests each day. And we’re always iterating on our algorithms and expanding our visibility to provide predictive security whenever possible.