03-24-2025 08:21 PM - edited 07-11-2025 09:22 AM
Advanced Threat Prevention (ATP) is the industry's first IPS to stop zero-day attacks inline. ATP is powered by Precision AI, a proprietary system that leverages Machine Learning, Deep Learning, and Generative AI. ATP’s security models are trained with high-fidelity data to accurately detect and prevent rapidly evolving cyber threats in real time.
But cybercriminals are evolving too. Their latest technique for stealing sensitive data is nearly invisible to traditional defenses. They use an unconventional slow and stealthy approach to exfiltrate sensitive data by leveraging DNS relay and HTTP headers of benign web requests.
Most websites DO NOT validate the authenticity of domains in HTTP headers. Therefore, an attacker can exploit even the most reputable legitimate Internet services, including cloud providers, web services, and CDNs. Using automation, an attacker can slowly exfiltrate small encoded data fragments over time, eventually stealing large amounts of sensitive data.
To prevent such advanced attacks, we at Palo Alto Networks have recently introduced a new feature, Exfiltration Shield, that prevents data exfiltration via DNS relay attacks.
This feature is a true demonstration of the power of Palo Alto Networks' platform, where ATP and ADNS, the two cloud-delivered security services (CDSS), work together to detect and prevent the attack.
To learn more, please watch the video below, which includes a live demo.