Viruses, Trojans, or drive-by downloads. Whatever you name them, “zero-day” malware variants regularly bypass firewalls and antivirus.
“Okay, but my firewall or antivirus provider says they now have signature-less technology to detect advanced malware.” Good.
But Umbrella is not seeking to replace products that try to detect threats by spotting what they look like. Our approach is to block the DNS queries to Internet infrastructure that are used to deliver malware. We find that attackers often reuse the same domain names, DNS nameservers, and IP address spaces to deliver many malware variants and different attacks.
Learn how we protect against advanced malware by using DNS.
Sophisticated attackers have the luxury of testing their threats against our security solutions. They learn how to adapt malware to evade the latest security products. For example, delayed actions, user interactions, and even self-assembling code are often used to hide from behavior-based sandboxes. Organizations respond by building and buying even “better” detection tools—but at what cost? How much system memory or network latency must be sacrificed to detect targeted attacks? Umbrella’s approach is agnostic to the behavior of advanced malware. We block both basic viruses and complex Trojans using the same, fast DNS resolution process you already use today.
Many don’t realize it, but visiting a website triggers interactions with dozens to hundreds of other Web servers without your consent—most as a result of online ads. This is problematic because the chain of intermediaries used to deliver ads is increasingly exploited by criminals. Dozens of the largest ad networks have been compromised, including DoubleClick (Google) and YieldManager (Yahoo!). And the biggest Web properties, including Facebook, YouTube, MLB, and NYTimes, have been impacted. Umbrella stops malvertising by seeing every silent browser interaction and blocking malicious redirections.
The Umbrella Security Research team takes a predictive approach to security. Our goal is to continually innovate ahead of the pace of technology change and build the best malware protection and security platform possible without sacrificing performance. By analyzing 80 billion or more queries a day, we block more than 80,000,000 malicious requests each day. And we’re always iterating on our algorithms and expanding our visibility to provide predictive security whenever possible.