09-07-2023 11:20 PM
Hi,
Does DNS Security checks DNS records other than A and how it works ? I think CNAME are checked as they are similar to A in meaning of request content. How about other records like PTR and TXT as they can be used more frequently for C2 traffic?
09-11-2023 08:45 PM
I'd open a ticket with your SE and ask them to verify with someone on the product team, but I don't see any reason why CNAME, TXT, and PTR wouldn't also fall under DNS Security. You're still doing a DNS record lookup, you're just looking at a different type of record; you should still be getting the proper category.
I know that CNAME cloaking as an example will get a domain registered as adtracking when PAN identifies the traffic from a categorization aspect.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
