THE GAME HAS CHANGED

Introducing Infoblox Universal DDI ManagementTM

Watch the launch to discover the new era of management for critical network services. Watch Now

General Security & Cybersecurity Ecosystem

Reply

Cofense/SEG integration and enhancement
crichardson
New Member
Posts: 4

‎09-09-2020 05:07 PM

2671     0

Any good use cases out there for integrating the crowd-sourced Cofense data from your users into a custom RPZ?

Good, bad, indifferent?

 

A fully-loaded DNS Resolver can spot malicious queries and enforce on malicious hostnames prior to a Secure email gateway seeing the activity, and helps on that front. But for the case where the phish makes it through to the inboxes, has anyone successfully been able to apply confirmed threats reported to the SOC via cofense straight into a custom RPZ, in order to spread the protection to the whole enterprise?

 

Or pull IPAM/DHCP correlated data on a new attack found in Cofense Intelligence?

 

see also:

 

https://blogs.infoblox.com/community/infoblox-protects-you-from-phishing-scams/

 

http://www.circleid.com/posts/20120103_dns_firewalls_in_action_rpz_vs_spam/

 

https://cofense.com/dns-abuse-by-cybercriminals/

 

Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Latest Annoucements