Today’s cybersecurity is about operational resiliency. Network breaches will inevitably happen, so organizations need systems that neutralize threats before they cause damage.
HYAS Protect is an intelligent, cloud-based protective DNS solution that proactively detects and blocks communication with command and control (C2) infrastructure used in malware attacks. HYAS Protect also blocks communication with a host of other malicious sites, including those related to phishing, malware, ransomware, botnets and data exfiltration. HYAS Protect is simple to use and vastly more effective than legacy filtering systems. If you’re considering HYAS Protect for your organization, here’s everything you need to get started.
HYAS Protect combines years of historical domain data with real-time telemetry analysis to detect threat actor infrastructure before they can activate an attack. Built on a machine-learning decision engine, the service runs complex algorithms to correlate domain-based data and identify malicious infrastructure with high fidelity so you can mitigate network breaches without wasting your time on false positives.
Because HYAS Protect monitors DNS traffic, it doesn’t matter how the network breach occurred—whether through ransomware, phishing, supply chain attacks, or other methods. The system effectively mitigates a wide range of cyber threats by identifying suspicious DNS activities.
Users can fine-tune the protective DNS engine through list management, content filtering policy and advanced rule sets. For example, you can block or allow specific domains as part of a company-wide use policy. From a management perspective, HYAS Protect is really lightweight, but you have the ability, if the use cases require you, to gain a lot more out of the solution.
HYAS Protect works right out of the box. It’s a cloud-native software-as-a-service that takes only minutes to install. The HYAS team will help you access your DNS settings to enable the protective system, and then the engine runs in the background, 24/7. As for data analysis, the intuitive user interface clearly displays query results so you can see which requests were blocked.
No matter how you use HYAS Protect, the DNS resolver sends all traffic analysis to the HYAS cloud. This API-driven solution means you can include any device inside the protective infrastructure and connect with existing security components such as endpoints, firewalls or automation and response.
Additionally, an agent version of HYAS Protect compatible on macOS and Windows devices and external integrations with SentinelOne and Microsoft Defender for Endpoint (MDE) is available. HYAS’s transparent, cost-effective pricing is based on the number of users in your organization, regardless of how many devices you have.
HYAS Protect offers two main deployment modes: blocking and inspection. Blocking is the default mode and the setting you’ll generally want for a protective DNS system. Any DNS requests that are flagged as potentially malicious by the decision engine or a policy you’ve enabled will redirect to an alternate page that will notify users the original query was blocked.
Inspection mode, meanwhile, gives you the same analytics and telemetry data without actually blocking the request. This is a passive or “test case” deployment to show you how the decision engine is evaluating certain queries. Many organizations find it helpful to test common business resources before enabling the blocking mode so there’s no disruption to normal operations.
Establishing a baseline of what HYAS would deem malicious is definitely a good idea before enabling a blocking mode, just to ensure that there are no third-party providers that you use that may actually be hosted on some suspicious infrastructure.
Beyond providing industry-leading DNS protection, HYAS also gives you strategic insights into your business. HYAS Protect uses DNS to stop an attack regardless of how the network breach occurred, but from an organizational standpoint, it’s helpful to have context around your biggest security risks.
For instance, a breach might happen when a user clicks on a phishing link in a suspicious email or when hackers exploit an unpatched vulnerability in an IoT device on your network. HYAS Protect gives you an aggregate log view to help you spot trends and identify your riskiest users.
Especially as organizations become more decentralized in the work-from-home era, it’s useful to isolate which devices are generating the most blocked queries so you can determine possible mitigation measures.
No cybersecurity solution can guarantee total protection from bad actors. HYAS Protect assumes that a network compromise will happen and stops breaches before they progress. Legacy systems rely on predetermined lists of malicious domains, but HYAS Protect uses a complex, real-time pattern analysis of domain infrastructure to flag malware concerns before an attack begins.
If you’d like to discover more about the role of protective DNS in elevating your security stance and see a live product demonstration, please reach out to our team today. You’ll see how quickly HYAS Protect could deploy in your business and start working within minutes.
HYAS Protect and Microsoft Defender for Endpoints (MDE)
Connect HYAS Protect with Microsoft Defender for Endpoint in 5 Easy Steps
How to Stop Phishing Attacks with Protective DNS
SentinelOne Deploys HYAS Protect for Proactive Security and Control in an Ever-Changing Environment