Satisnet Ltd, Suite B, Building 210, The Village, Butterfield Business Park, Great Marlings, Luton, Bedfordshire, LU2 8DL enquiry@satisnet.co.uk
+44 (0) 1582 369330

IBM QRadar DNS Analyzer

Tuesday 12th June 2018

IBM QRadar DNS Analyzer

The IBM QRadar DNS Analyzer application provides insights into your local DNS traffic by identifying malicious activity and allowing your security team to be able to detect Domain Generated Algorithm (DGA) or squatting domains that are being accessed from within your network. Utilising QNI flows or logs with domain information from other devices such as DNS servers (BIND), proxies, Apache webservers or other BIND compatible devices you will be able to detect and monitor outbound requests to malicious sites. With the DNS Analyzer dashboard and drill down capabilities, your team can identify DNS trends and investigate activity such as squatting attempts.

Top Dashboard

Dashboard

Download the QRadar DNS Analyzer Extension:

https://exchange.xforce.ibmcloud.com/hub/extension/6c52b4571878b24511052868dbb4f6c9

Installation Instructions:

https://www.ibm.com/support/knowledgecenter/SS42VS_7.3.1/com.ibm.qdaapp.doc/c_Qapps_QDA_intro.html