Zero Trust and DNS Security: Better Together


How many times have you heard the popular information security joke: “It’s always DNS”? It means that every time there’s a problem you can’t figure out, you will dig until you reach the conclusion that it’s always DNS. But DNS is also where a lot of issues can be caught early, and it should be leveraged more than ever, especially by those working on their zero trust journeys. DNS can be part of better threat detection — let’s see how that works.


What Are DNS and Zero Trust?


Let’s unpack this for a minute. DNS is the internet’s phone book. It translates domain names into the numeric IP addresses that computers use to route traffic. More specifically, “the Domain Name System is the hierarchical and decentralized naming system used to identify computers, services, and other resources reachable through the internet or other internet protocol networks.” As such, the DNS protocol is also one of the few application protocols that are allowed to cross organizational network perimeters.


Zero trust is a framework that assumes a complex network’s security is always at risk from external and internal threats. It helps organize and strategize a thorough approach to counter those threats.


Where do these two meet?


Zero trust is about doing continuous risk assessments and verifications, a principle that also requires examining traffic that comes into and out of organizational networks. You might agree that pretty much everything happening on connected devices is evident somewhere in DNS traffic. That’s espec ..
