We know that there’s no silver bullet when it comes to preventing all threats from entering your network. This is why we also focus on preventing multistage attacks, secondary downloads, and data from leaving through attacker-controlled communication channels via command and control (CnC).

Through content-based protections, we stop attacks at the command and control stage, preventing attackers from controlling infected endpoints, spreading laterally within your organization, and accomplishing their objectives.

CnC Research

As new threats and attack tools emerge, our threat research team investigates their components, including command and control techniques, and reverse engineers them in order to create high-quality CnC protections that identify the malicious nature of outbound CnC communications and solve for their rapid rate of change.

Beyond manual research, CnC protections against the latest malicious domains, URLs and IP addresses are updated via WildFire™ cloud-based malware analysis in as little as 5 minutes, automatically protecting your organization and driving up costs for attackers.

Nearly Up-to-the-Minute Prevention

DNS-based CnC protections are created and updated by WildFire as part of its analysis of unknown threats. Firewalls subscribed to WildFire receive updated protections in as little as 5 minutes.

In addition to providing malware and URL protections, WildFire provides DNS protections to all subscribed firewalls around the globe, protecting customers from newly created domains controlled by attackers and embedded within zero-day malware.

Positively Identify Infected Hosts

Our command and control protection goes a step further by providing sinkhole capabilities for outbound requests to malicious DNS entries.  

Outbound requests to malicious domains or IP addresses are redirected to an internal IP address set up by an administrator, preventing those requests from leaving the network and providing you with a report of the compromised machines initiating those requests on which incident response teams can act.


 

No results found