DNS Ninja analyzes your internal DNS traffic and provides insight into potentially malicious nodes in your infrastructure using anomaly detection algorithms.
Full insight into your organization’s DNS traffic
Advanced machine learning algorithms for detecting generated domain names
High-fidelity alerts based on deviations and periodicity of classified DNS requests
Your DNS monitoring tool
DNS Ninja analyzes all DNS traffic in your organization. Each DNS request/response pair is analyzed and classified into a number of categories, such as internal, computer-generated, invalid. For each client from your DNS server, a statistical model is constructed that describes the normal behaviour of the client for each of the DNS categories. Deviations from the normal behaviour are detected and reported. Additionally, the repetitive nature of requests is detected and reported in order to detect automated malicious behaviour. This makes DNS Ninja very well suited for detecting command and control, and exfiltration techniques.
Use existing network devices as data source
Detect the undetected
Highly scalable and cost-effective cyber security solution
Monitoring DNS traffic, use our whole platform
DNS NInja uses a specific data source, your DNS traffic, to detect potentially malicious behaviour. This forms part of our overall platform strategy: using existing data sources to detect adversary behaviour. By using existing data sources, a holistic view is obtained. No more blindspots in your IT landscape! This strongly improves the chance of detecting the undetected; the advanced hacks that have passed your defences and are preparing to severely impact your organization. Do not allow hackers to hide within your own network!