Suspicious Domains
closed
M
Matthew Chambers
Add a 'DGA' (Domain Generation Algorithms) and other suspious domain alerting. For example, if a user visits
c81358859121583b7adf2ace89cb39f44(com), or another that's tied to possible C2 infrastructure. The key here is finding anomalous domains that are large, excessively random, or fit a pttern of suspicious activity before they're reported.
R
Ryan Poppa
closed
This is released earlier in 2024.
S
Steve Staden
beta / early access
Voters today we introduced Malicious Domain Protection - https://help.dnsfilter.com/hc/en-us/articles/1500008111241-Extra-Settings.
This feature leverages new ML capabilities to identify risky domain strings to secure against domain generation algorithms (DGA) and other threat vectors.
Right now I'm marking this as beta and would welcome any feedback.