Intelligent Tech Channels Issue 85 | Page 21

ENTERPRISE TECHNOLOGY

DNS security is missing piece in enterprise cyber defence

Despite its vital importance, DNS remains an overlooked component in enterprise security, leaving organisations vulnerable to sophisticated cyber threats. As the volume and complexity of DNS traffic grows, securing DNS has become a priority for forward-thinking organisations. Mohammed Al Tenbakji at Secure Domains sheds light on the critical role of the Domain Name System, a backbone of modern Internet connectivity.
Mohammed Al Tenbakji, Founder, Secure Domains

Imagine a world without the Domain Name System (DNS): every time you wanted to access a website, you would need to type in its IP address. DNS simplifies this by acting as the Internet’s phonebook, resolving human-readable domain names into machine-readable IP addresses. However, this essential functionality comes at a cost. Since DNS is foundational to the Internet, its ubiquity also makes it a prime target for cybercriminals.

Traditional security tools often fail to scrutinise DNS traffic adequately. This creates a blind spot that attackers exploit using techniques like DNS tunnelling, Command and Control (C2), and Data Exfiltration (DEX).
Meanwhile, attackers are deploying automated tools to execute DNS-based attacks at scale. This combination makes DNS one of the most critical yet vulnerable components of enterprise infrastructure.
Industry frameworks on DNS Security
Global cybersecurity frameworks like Gartner’s Secure Access Service Edge (SASE) and Forrester’s Zero Trust (ZT) model emphasise the critical role of DNS security in achieving a robust security posture. These frameworks recognise that DNS is not only a foundational component of Internet connectivity but also a key vector for visibility, control, and threat prevention.
Gartner’s SASE framework underscores the importance of securing all traffic, including DNS, at the network edge, highlighting how DNS-based filtering and monitoring are integral to achieving consistent security policies across distributed environments.
Similarly, Forrester’s Zero Trust model calls for ‘never trust, always verify,’ where monitoring and securing DNS traffic is a cornerstone for implementing granular controls, preventing unauthorised access, and detecting anomalous behaviours indicative of threats.
Typical DNS-based threats
DNS Tunnelling
DNS tunnelling turns your DNS traffic into a covert communication channel for attackers. By embedding malicious commands or data into DNS queries and responses, threat actors can bypass firewalls and steal sensitive data or execute remote commands.
DNS C2
Attackers increasingly use DNS as a communication channel to maintain control over compromised systems. DNS C2 enables malware or botnets to receive commands, download updates, and propagate attacks, all under the radar of traditional defences.
DNS DEX
DNS DEX allows attackers to transfer sensitive data out of an organisation using DNS queries. Because DNS traffic is typically trusted and unmonitored, this method often goes unnoticed until it is too late.
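The three threats above share observable traits in resolver logs: unusually long labels, encoded-looking (high-entropy) labels, and many distinct subdomains under one parent domain from a single client. The following sketch of that monitoring logic is an added example, not code from the article or from Secure Domains; the thresholds, function names, naive parent-domain split and sample log are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Thresholds are illustrative assumptions; tune them against your own baseline.
MAX_LABEL_LEN = 40          # DNS allows 63; ordinary hostnames are far shorter
MIN_ENTROPY_BITS = 4.0      # bits per character in the longest label
MAX_UNIQUE_SUBDOMAINS = 4   # distinct subdomains per client and parent domain
B32 = "abcdefghijklmnopqrstuvwxyz234567"

def fake_chunk(i):
    """Constructed stand-in for an encoded payload label (not real traffic)."""
    rot = B32[i:] + B32[:i]
    return rot + rot[:16]

# Constructed resolver log: (client IP, queried name).
SAMPLE_QUERIES = [
    ("10.0.0.5", "www.example.com"),
    ("10.0.0.5", "mail.example.com"),
    ("10.0.0.5", "api.example.com"),
    ("10.0.0.5", "static-assets-eu.example.org"),
] + [("10.0.0.9", f"{fake_chunk(i)}.example.net") for i in range(6)]

def shannon_entropy(text):
    counts, n = Counter(text), len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def split_name(qname):
    """Naive split: last two labels are the parent (ignores public-suffix rules)."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def suspicious_pairs(queries):
    """Return {(client, parent_domain): set of reasons} for flagged pairs."""
    seen, findings = defaultdict(set), defaultdict(set)
    for client, qname in queries:
        sub, parent = split_name(qname)
        if not sub:
            continue
        key = (client, parent)
        seen[key].add(sub)
        longest = max(sub.split("."), key=len)
        if len(longest) > MAX_LABEL_LEN:
            findings[key].add("long_label")
        if len(longest) >= 16 and shannon_entropy(longest) > MIN_ENTROPY_BITS:
            findings[key].add("high_entropy")
    for key, subs in seen.items():
        if len(subs) > MAX_UNIQUE_SUBDOMAINS:
            findings[key].add("many_unique_subdomains")
    return dict(findings)
```

Calling `suspicious_pairs(SAMPLE_QUERIES)` flags only the constructed client 10.0.0.9; the benign 16-character label `static-assets-eu` stays below the entropy threshold.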
Role of AI and ML
Modern DNS-based attacks are evolving too quickly for traditional security measures to