A DNS sinkhole is a valuable preventative and detective network security control, the effectiveness of which depends heavily on the accuracy of the threat intelligence data feeding the DNS Response Policy Zones (RPZ) and on the processes governing the sinkhole. Today’s adversaries frequently cycle through malicious and compromised domains, forcing defenders to be nimble. Poor threat intelligence or an inability to react to the dynamic nature of ‘domain’ indicators may result in a high false-positive rate and potentially cause business disruption.
This presentation will offer a close look at how AbbVie integrates an open-source DNS sinkhole with Active Directory DNS, the Anomali Platform and SIEM to achieve a highly effective network security control. It will also highlight how AbbVie leverages various Anomali features to design flexible workflow processes that react quickly to false positives, throttle alerting and perform investigations.
Join Vijay Kora, Senior Security Engineer at AbbVie, in this on-demand presentation.