Malicious Domain Identification
Hackers have been using malicious domains to distribute malware and steal user credentials for decades.
Blacklisting known malicious domains, and whitelisting acceptable ones, has been reasonably effective at mitigating this threat, but new domains are cheap and fast to create, so hackers are able to stay one step ahead.
Using adaptive machine learning to model the common characteristics of known malicious domains makes it possible to identify and block those that aren’t yet blacklisted
How Versive Detects Malicious Domain Connections
1. The Engine uses adaptive machine learning to examine and model all domains visited from your environment within a specified time period, recording domain attributes and noting which domains were already blocked, while respecting existing whitelists.
2. The Engine creates a list of all domains that have been visited that closely resemble domains you have already blocked, based on machine-learning models; taking dozens of criteria into account.
3. The Engine assigns a confidence score to each domain, indicating the likelihood that it is malicious, based on level of similarity to domains you have already blocked.
4. Based on the information provided, you are able to make educated choices about domains and whole categories of domains to block before they’re used in attacks against you.
This proactive approach to discovering and blocking malicious domains provides the information you need to reduce the likelihood of your systems being compromised.