
Infoblox has announced significant enhancements to its Protective DNS solution, Infoblox Threat Defense, in a move to provide preemptive security against advanced, AI-driven cyber threats. The announcement comes as cybercrime costs are projected to reach $23 trillion by 2027. The company states that traditional “detect and respond” security tools are struggling to keep up with modern attackers who use AI to create unique, single-use malware and stealthy phishing campaigns.
Scott Harrell, president and CEO of Infoblox, emphasized the shift away from reactive security models. “Traditional ‘detect and respond’ security simply can’t keep pace with today’s AI-driven attackers and malware. Cybercrime is evolving faster than ever, costing the world trillions and exploiting gaps in legacy defenses,” he said. Harrell added that the legacy kill chain approach depends on a “patient zero” to learn and react, but modern attackers customize malware, making reactive approaches ineffective. “The future of cybersecurity must be preemptive: stop threats before they ever reach your organization,” he said.
Infoblox Threat Defense is designed to stop threats before they impact infrastructure by combining predictive threat intelligence with algorithmic and machine learning-based detections. According to Infoblox, this solution blocks malicious domains an average of 68 days earlier than traditional tools and has a low false positive rate of 0.0002%.
To combat the new wave of AI-driven threats, Infoblox has introduced several new features:
- Protection Before Impact: This provides security leaders with metrics on threats neutralized before they can cause damage, which helps with reporting and demonstrating security ROI.
- Security Workspace: A centralized interface that offers security teams visibility into their environment and actionable insights to reduce risk and improve their mean time to respond (MTTR).
- Detection Mode: This feature allows organizations to see threats they are currently missing without changing their existing DNS configuration, which minimizes operational risk.
- Asset Data Integration: This provides context on which assets were protected by the preemptive strategy, enabling security teams to conduct further investigation.
- Token-Based Licensing: A flexible pricing model aligned with protected assets to simplify procurement and provide clearer ROI.
Infoblox’s Protective DNS capabilities are also being used to power Google Cloud’s DNS Armor, providing native security for cloud workloads, with a public preview scheduled for later this year.
“The difference between most DNS security tools and our approach is like the difference between law enforcement chasing street-level drug dealers versus taking down the cartel,” said Mukesh Gupta, chief product officer at Infoblox. “We target the suppliers behind the cyberattackers—the cartel—so threats can be blocked before they ever reach the network. This preemptive strategy helps security teams reduce risk, eliminate noise and stop threats at the DNS layer before they ever reach the network.”