More than 90% of attacks are carried out using the DNS protocol, according to Cisco’s annual security report. Cisco Umbrella responds to this threat.
Cisco Umbrella is the first line of protection and a source of valuable data (telemetry) for SOC analysts. Based on the world’s second-largest DNS system, this solution uses the expertise of more than 400 Cisco TALOS specialists to analyze and catalog Internet domains.
By analyzing DNS queries, Umbrella can protect virtually every connection from any host on the internal network in real time. The solution automatically blocks access to malicious domains and URLs, IPs, and files before a connection is established or a file is downloaded to an end device.
The system makes it significantly more difficult for cybercriminals to carry out a successful attack, giving security staff the ability to detect new domains, created for the purpose of a cyberattack, phishing, or C2 callbacks.