Infoblox upgrades DNS defence to counter AI-driven cyberattacks

Infoblox has introduced enhancements to its Protective DNS solution aimed at countering increasingly sophisticated, AI-driven cyberthreats for organisations across a range of sectors.

With a global rise in cyberattacks and new tactics from adversaries leveraging artificial intelligence (AI) to target vulnerabilities, Infoblox's improvements focus on providing protection before threats can cause disruption or damage to users, devices, Internet of Things (IoT)/Operational Technology (OT), and cloud environments.

Pre-emptive defence

The recent upgrades to Infoblox Threat Defence utilise predictive threat intelligence combined with algorithmic and machine learning-based detection capabilities. This preventative approach is designed to stop high-risk and malicious domains on average 68 days earlier than traditional security tools, while maintaining a reported false positive rate of 0.0002 per cent.

"The difference between most DNS security tools and our approach is like the difference between law enforcement chasing street-level drug dealers versus taking down the cartel," said Mukesh Gupta, Chief Product Officer at Infoblox. "We target the suppliers behind the cyberattackers - the cartel - so threats can be blocked before they ever reach the network. This preemptive strategy helps security teams reduce risk, eliminate noise and stop threats at the DNS layer before they ever reach the network."

The advancements are designed to provide tighter security through features such as more comprehensive visibility, actionable insights, flexible token-based licensing models, and improved reporting on threats stopped prior to causing impact. Infoblox reports that these tools provide clear, quantifiable metrics that may assist security teams in demonstrating return on investment by highlighting threats intercepted before reaching critical systems.

Cloud integration and proactive threat blocking

In addition to protecting traditional networks, Infoblox's Protective DNS technology is set to power Google Cloud's DNS Armour, a move that will bring native security to cloud workloads. The public preview of Google Cloud's DNS Armour, supported by Infoblox, is expected later this year.

By blocking attacks earlier in the cyber kill chain, the company suggests it can reduce reliance on downstream detection and response systems, such as XDR (Extended Detection and Response) and SIEM (Security Information and Event Management). This shift aligns with recommendations from analysts such as Gartner and guidelines like the NIST SP 800-81, which highlight the value of DNS-layer defences in preventing incidents at an earlier stage.

Industry response and regional focus

Scott Harrell, President and CEO of Infoblox, commented on shifts in the cyber threat landscape, stating, "Traditional 'detect and respond' security simply can't keep pace with today's AI-driven attackers and malware. Cybercrime is evolving faster than ever, costing the world trillions and exploiting gaps in legacy defences. The legacy kill chain approach depends on someone else being 'patient zero' so those legacy systems can learn and react - but attackers today customise malware to target individual businesses or industries, rendering legacy, reactive approaches ineffective against modern AI-enabled attackers. When you're patient zero, the only thing being 'killed' is your business. The future of cybersecurity must be preemptive: stop threats before they ever reach your organisation."

Paul Wilcox, Vice President of Regional Sales, APJ, drew attention to regional trends, saying, "Across APAC, cyberattacks are growing more aggressive and calculated. From exploiting third-party access points to targeting critical systems - attackers are finding the cracks in our digital foundations and are using AI to strike faster and smarter than ever."

He continued, "For businesses in Singapore, where digital services are tightly woven into daily life, any downtime or confidentiality breach can be deeply disruptive. That's why organisations here need to invest in earlier threat detection that starts at the DNS layer. Stopping an attack before it begins is far less costly than dealing with the aftermath."

Reporting and security operations enhancements

The updated Infoblox solution introduces a centralised Security Workspace for deeper visibility, and a Detection Mode that highlights missed threats without necessitating changes to existing DNS configurations, aiming to minimise operational risk for organisations. The Asset Data Integration feature offers additional context for analysts conducting further investigations.

Flexible token-based licensing aligns pricing with usage, simplifying procurement and potentially offering clearer value for cost-conscious enterprises.

The enhancements come as analysts predict global cybercrime costs could reach USD $23 trillion by 2027. The company's approach is designed to stop attacks before impact, rather than waiting for an initial breach to trigger a response, aiming to help organisations remain resilient against the evolving tactics of cyber adversaries.