HYAS Protect Protective DNS for the Corporate Environment

Built on the underpinning technology of HYAS Insight threat intelligence, HYAS Protect is a protective DNS solution that combines authoritative knowledge of attacker infrastructure and unrivaled domain-based intelligence to proactively enforce security and block communication to threat actor infrastructure, such as command and control(C2) infrastructure, phishing sites and other communications to malicious destinations.

The HYAS Protect integration with Microsoft Sentinel improves enterprise security by incorporating enriched DNS logs into the SIEM environment. Blocked and Watch List-flagged traffic can be correlated and further analyzed to identify malicious or suspicious enterprise web traffic and attempted policy violations. Protective DNS provides a layer of protection that is highly complementary to other security solutions and is an essential part of any modern security program.

No security solution can stop all security breaches and keep all bad things out. Malware can still take root even other security measures in place. And once inside, malware can be hard to detect. Attacks involving malware have one thing in common: the need to communicate with threat actor infrastructure, or Command and Control (C2) servers. Whether it is for receiving instructions, downloading payloads, exfiltrating data or other malicious activity.

However, if this communication is detected and acted on quickly and proactively, it is possible to completely neutralize or minimize the damage that would be done. If malware cannot communicate to receive instructions, it will lay dormant and harmless. HYAS detects and blocks these communications to threat actor infrastructure before harm is caused, alerting administrators to the breaches.

The HYAS Protect integration with Microsoft Sentinel

Supports multiple deployment options, including agent-less, HYAS agent, and Microsoft Defender for Endpoint integration

Enables management functions controlled from Microsoft Security Center

Brings visibility of blocked and flagged malicious/suspicious traffic with the internet to your Sentinel environment, whether due to malware activity, unintended employee interaction with dangerous sites (prompted by phishing for example), or employee browsing that goes against policies established within HYAS Protect

Reduced security operations center (SOC) noise via a high-fidelity threat signal that minimizes false positive alerts