Infoblox partners with Forrester to decipher threat investigation challenges for enterprises

By Anthony James, VP of Product Marketing at Infoblox

Anthony James, vice president of product marketing at Infoblox

Cyberattacks skyrocketed in the post-COVID world with enterprises going remote to continue working under pandemic situations. Infoblox Inc. commissioned Forrester Consulting to investigate how security and risk (S&R) teams are using their DNS investments and found several interesting insights.

Understand What Security Leaders Need Today

This new study details how top security leaders are now recognizing the power of DNS as a first-level security control, and how they plan to better leverage DNS in their network security strategy to drive better ROI across their entire security stack. 

Get Your Free Copy

Forrester surveyed 203 security and risk leaders from companies that earned more than $1 billion in annual revenue in the financial services, health care, education, retail, and government sectors for this report. Respondents include all levels of decision-making, including C-level (48%), VP (11%), Director (34%), and Manager (7%) roles across companies.

The 203 respondents to the Accelerate Threat Resolution with DNS study reveal they most often use DNS to detect and block threats early in the kill chain, identify compromised devices, and investigate and respond to malware. The top findings, as detailed in this infographic, underscore that DNS is an effective but under-utilized tool for threat hunting and resolution even as alert fatigue challenges security teams at scale:

  • 94% of S&R leaders either use or consider DNS as a starting point for threat investigations but only 43% of security and risk leaders rely on DNS as a data source to complete their investigations.
  • 66% of respondents use DNS to catch threats — from DNS tunneling/data exfiltration, domain generation algorithms (DGAs), and lookalike domain attacks — that other security tools miss but only 34% anticipate using internal DNS to stop malicious attacks at scale.
  • 52% of leaders cite alert fatigue among teams and 51% report challenges dealing with threat triage; but only 58% of teams incorporate some automated processes for incident response.

The vast majority of security and risk teams recognize DNS as a powerful threat hunting tool. At the same time, most companies are leaving money on the table by under-using their DNS investments. With 56% of leaders looking to improve security ROI, DNS can help save the day by providing a single pane of visibility into threats across the network and the edges.

DNS can also help automate some of the more repetitive tasks in threat hunting, freeing up security teams who spend an average of 4 hours per incident investigation to address more complex problems. DNS is one of the most cost-effective ways that companies can fortify their security and risk frameworks and maximize their existing security investments.

InfoBlox BloxOne™ Threat Defense Solving Security Operational  Challenges

Led by BloxOne Threat Defense’s robust growth and customer adoption, Infoblox has quickly earned recognition as a network security leader. Forbes and The Software Report respectively named Infoblox one of the Top 10 Cybersecurity Companies to Watch in 2020 and one of the Top 25 Cybersecurity Companies of 2019. Additionally, the 2020 Fortress Cyber Security Award recognized BloxOne Threat Defense as a winner in the Enterprise Network Security category for extending DNS based protection to multiple clouds and to the edge.

Continuing the efforts to solve cyber security challenges for enterprises, Infoblox is stepping up to reduce the burden on security operations teams as they try to keep pace with evolving threats and breaches. Understanding the pain points of security leaders is the first step in this direction followed by joining hands with channel partners to deliver advanced solutions that are essential for securing enterprises in the era of teleworking.

Author Bio:

Anthony James, VP of Product Marketing at Infoblox

Anthony James is a seasoned technology and marketing executive bringing in 20+ years of marketing and product experience in the cybersecurity industry, Anthony leads Infoblox as VP of Product Marketing. He has held multiple executive leadership roles in Marketing and Product Management across a variety of security startups and well-known organizations, including FireEye, Fortinet, Cyphort and TrapX to name a few. With his unique ability to dive deep into technology, he is able to develop messaging and marketing strategies with high value and differentiation and has a proven track record of increasing market share for companies of all sizes. Anthony holds an associate’s degree in Computer Science from the Sydney Institute of Technology in Australia, where he began his career before migrating to the San Francisco Bay Area in 1999 to drive innovation within the Silicon Valley scene.