Infoblox, has announced major enhancements to its Protective DNS solution, Infoblox Threat Defense. The upgrade is aimed at helping organizations counter advanced, AI-driven cyber threats with preemptive DNS security.

The company revealed that as cybercrime costs approach $23 trillion by 2027, traditional “detect and respond” tools are no longer sufficient. Attackers are now using AI to launch stealthy, single-use malware and phishing attacks, increasing the risk of any organization becoming “patient zero.”

Infoblox reported that its Threat Defense solution blocks high-risk domains an average of 68 days earlier than conventional tools. It achieves this through predictive threat intelligence and machine learning-based detection. The platform maintains a false positive rate of just 0.0002%, one of the lowest in the industry.

Mukesh Gupta, Chief Product Officer at Infoblox, compared the company’s approach to targeting cyberattack infrastructure before attacks occur, rather than responding after the damage is done. This strategy helps security teams reduce risk and stop threats at the DNS layer.

Key updates to the platform include:

• Protection Before Impact: Offers metrics on threats blocked before causing harm, demonstrating security ROI.
• Security Workspace: A centralized dashboard with actionable insights and improved visibility.
• Detection Mode: Identifies missed threats without requiring DNS configuration changes.
• Asset Data Integration: Provides context for protected assets, aiding investigation.
• Token-Based Licensing: Simplifies procurement and aligns cost with protected assets.

Infoblox’s Protective DNS capabilities also power Google Cloud’s DNS Armor, providing native security for cloud workloads, with public preview later this year. 

The company noted that by stopping threats earlier, its solution lightens the load on traditional detect-and-respond tools like XDR and SIEM. Infoblox’s approach supports Gartner’s prediction that preemptive cybersecurity will replace 40% of reactive tools by 2028.

The strategy is aligned with NIST SP 800-81, which highlights DNS as a key early-warning system. Infoblox CEO Scott Harrell emphasized that legacy systems reliant on “patient zero” no longer suffice against AI-enabled threats.

Nathan Sinclair, Chief Information Security Officer for the City and County of San Francisco, said Infoblox eliminated a major blind spot in their DNS visibility. He added that the solution has helped block exploits and strengthen their cybersecurity posture.

Infoblox continues to evolve its DNS security capabilities, helping organizations take a proactive stance against evolving cyber threats.

Related post

View all