Telsy Secure DNS
The service is able to prevent the resolution of domain names classified as malicious or hostile.
By adopting the Telsy DNS servers for the resolution of domain names either at your infrastructure or in SaaS delivery, in the face of an infection or a malicious event that exploits the DNS protocol, it is possible to close the entire infection cycle and prevent the contact with hostile command and control centres.
Telsy-SecureDNS promptly mitigates the threat by diverting outgoing traffic to an inert server belonging to Telsy SpA.
Almost all of the malware in circulation make use of the DNS protocol to resolve the IP addresses of the infrastructures.
Usually, these infrastructures are put in place in order to take total control of the victim infrastructure after an initial cycle of infection.
When identifying a potentially malicious contact, Telsy-SecureDNS redirects traffic to a trusted server.
If the service is provided in SaaS mode, the Telsy-SOC alerts the Customer by providing a detailed report on the nature of the survey.
Interrupting this cycle of infection is a priority because it allows to block (or at least limit) the succession of malevolent events such as:
- Downloading and installing additional hostile components
- The lateral movement by the attacker towards other systems
- The extraction of sensitive information or covered by intellectual property
- The modification or elimination of potentially useful artefacts in the event of subsequent prosecutions