Investigate Security Incidents
OpenDNS provides access to our predictive intelligence, so that your teams can research a given incident and can stay ahead of future attacks.
From NGFW and SIEM products to behavioral network analysis and endpoint forensics, you have already deployed many security solutions, which all claimed to provide unique visibility. You are thinking, “Why do I really need one more thing to manage?”
OpenDNS is different because we see millions of security events happening in real-time across our 50 million daily-active users. We use big data analytics and machine learning to predict where related attacks will emerge on the Internet. We provide our customers access to this intelligence so that they can get more out of their existing security investments, and also become more proactive at combating the next attack.
Investigate threats like you have never done before
Everyone is talking about big data these days. OpenDNS has a massive data set with an unconventional perspective because our global network is integrated at the Internet’s underlying DNS and BGP layers. We take our Internet-scale flood of raw data, process it, and make it accessible via easy-to-use global patterns and correlations.
This exclusive intelligence helps your security teams make better decisions faster. For example, it would help your security team respond appropriately if you are investigating a threat that calls home to a Russian server known to be associated with a targeted attack. We take a mathematical approach, using machine learning to train algorithms to automatically identify and block malicious domains and IPs.
All you need is a Web browser
Running a security program requires collaboration between several teams of network and system admins. With Investigate, there is nothing to deploy, nothing to set up, and nothing to maintain. Investigate functions simply as a search engine for our Security Graph technology, to search our intelligence on domains, IPs, or ASNs.
Intelligence in context
Which security event should your team respond to first? How does your team know which events are serious or minor? You need intelligence that provides insight into ongoing attacks, and you need the ability to investigate possible future attacks.
That is the context we offer—OpenDNS can show you whether an attack targeted your organization and what to look out for to keep it from happening again. Investigate delivers threat visibility beyond your local Internet activity, at a global level, which lets you to identify attacks targeting your company. We surface the information in real-time, so you can search dynamically, with up-to-the-minute data.
Get more out of your security stack
By adding OpenDNS’s global threat intelligence data as a layer in your security stack, you can be more proactive in your approach to security. Using the API, you can view real-time data and predictive models alongside data from your other security appliances or services. We do not promise to be the end-all and be-all, but we do deliver value by finding attacks that slip through the cracks of other security solutions.