Viruses, Trojans, or drive-by downloads. Whatever you name you want to use, “zero-day” malware variants regularly bypass firewalls and antivirus.

In addition to the traditional products that try to detect threats by spotting what they look like. Our approach is to block the DNS queries to Internet infrastructure that are used to deliver malware. We find that attackers often reuse the same domain names, DNS nameservers, and IP address spaces to deliver many malware variants and different attacks.


Stop even evasive malware without sacrificing performance

Sophisticated attackers have the luxury of testing their threats against many security solutions. They learn how to adapt malware to evade the latest security products. For example, delayed actions, user interactions, and even self-assembling code are often used to hide from behavior-based sandboxes. Organizations respond by building and buying even “better” detection tools—but at what cost? How much system memory or network latency must be sacrificed to detect targeted attacks?


Reroute your employees around malvertising

Many don’t realize it, but visiting a website triggers interactions with dozens to hundreds of other Web servers without your consent—most as a result of online ads. This is problematic as the chain of intermediaries used to deliver ads is increasingly exploited by criminals. Many of the largest ad networks have been compromised including the biggest names. Stop malvertising by blocking malicious redirections.