DNS Analysis

Monitoring DNS traffic

The DNS Analysis module uses a specific data source, your DNS traffic, to detect potentially malicious behavior. Deviations from normal behavior are detected and reported.

DNS Analysis


Scale your DNS infrastructure for the real needs of your organization


Detect exceptional DNS usage to identify potential zero-day threats


Identify DNS configuration errors quickly to improve quality and performance of your whole infrastructure

Your DNS monitoring tool

The DNS Analysis module uses a specific data source, your DNS traffic, to detect potentially malicious behavior. Using existing data sources provides a holistic view – no more blind spots in your IT landscape! This significantly improves the chance of detecting the undetected. Advanced hacks, for example, have passed your initial defenses and are preparing to severely impact your organization.

Full insight into your organization's DNS traffic

DNS queries play a crucial role in identifying threats and preserving the security of your business. The DNS module gives you a deeper comprehension of DNS activity and network events. It provides a complete picture of performance, trends, and anomalies using simple, actionable data streams, giving you the knowledge to increase system security and performance while decreasing operating expenses.


· Often overlooked component
of cybersecurity

· Complete DNS overview

· Providing insights to increase security

Full insight into your organization - Sceptr
Advanced machine learning

Advanced machine learning algorithms for detecting generated domain names (DGA)

Several kinds of malware use Domain Generation Algorithm (DGA) domains to communicate with their Command-and-Control servers. Before DGA, most malicious programs used hardcoded lists of IP addresses or domains. In contrast to these programs, DGA is much harder to block by anti-malware software or network administrators since it’s near impossible to predict where the next command will come from. To minimize the number of infected machines and reduce recovery costs, businesses need to be able to detect network requests to DGA domains in early stages of malware spread. Sceptr has state-of-the-art machine learning techniques to tackle these threats.


· DGA is difficult to block by traditional
anti-malware software

· Minimize impact

· State-of-the-art machine learning

High-fidelity alerts based on deviations and periodicity of classified DNS requests

Each DNS request/response pair is analyzed and classified into several categories, such as internal, computer-generated, or invalid. For each client from your DNS server, a statistical model is constructed that describes the normal behavior of the client for each of the DNS categories. Deviations from normal behavior are detected and reported.


· DNS is classified into categories

· Statistical model is constructed

· Deviations are detected and reported

Classified DNS Request

Our approach

The Sceptr platform gives you a holistic cybersecurity approach. Sceptr’s platform helps enterprises have complete visibility and control over their applications across their IT infrastructures. Our modules continuously monitor and analyze the performance, user experience, and delivery of applications in IT infrastructures. They also look at the overall performance of WANs, providing accurate and easy-to-understand insights. Know how your DNS traffic will be affected when making changes to your network.

Accept that you can’t manage what you can’t see and allow us to help you detect the undetected. We will protect you from cyber-attacks by detecting deviations that indicate suspicious activity.

Sceptr approach

Contact us

Do you want more insight into the performance and security of your networks? Do you want the leading experts of the Sceptr team to walk you through the various modules of our platform and explain how these might benefit your specific use case? Don’t hesitate to get in touch!