Singing in the Security Rain

Three weeks ago I had a great multi-hour conversation with an old friend about some security topics when I was pointed to OpenDNS's Umbrella Labs. Now I don't get all that excited about security research, as a huge amount of it is either marketing wares, watered-down facts or a rehash of others' research. However, when I started to dig into Umbrella Labs' blog of postings I was very pleasantly surprised. I have to say this is some great data research on DNS activities relating to malware and others.

I'm a huge believer in DNS management, both internal and external, for effective controls against the advanced attacks we all see. This, ironically enough, is also one of the biggest holes I see in companies' management of the problem. Very few companies that I've talked to really configure and monitor their DNS activity to secure their enterprise. Here are just two postings that caught my eye.

"How likely is a domain to be malicious?"

"The role of country codes top level domains (CCTLDs) in malware classification"

Congrats Umbrella (OpenDNS), keep up the good analytics.