RSAC Fireside Chat: Rich threat intelligence, specialized graph databases power HYAS’s protective DNS

By Byron V. Acohido

The ability to withstand network breaches and minimize damage is a key characteristic of digital resilience.

A smart way to do this is to be alert to rogue command and control (C2) server communications. Inevitably, compromised devices will attempt to connect to a C2 server for instructions. And this demarcation must cross the Domain Name System (DNS).

At RSAC 2024, I had a thought-provoking conversation with David Ratner, CEO of HYAS, about the progress being made in DNS security. For a complete overview, you can listen to the accompanying podcast.

HYAS collects rich information from multiple sources and then feeds it into a specialized graph database focused on a variety of infrastructure data, including DNS traffic. This allows HYAS to isolate – and even predict – the formation of malicious infrastructure before the attackers can fully weaponize the compromised system.

“Our goal is to understand what will be used as a command-and-control server in the future so that you can block it now,” he told me.

DNS security and the overall protective DNS space are becoming increasingly important. The NSA Memorandum on Enhancing Cybersecurity for Critical Infrastructure Control Systems and the subsequent CISA Shields Up initiative emphasized the need for such solutions. Additionally, cyber insurers and the Department of Defense CMMC standard now recommend or require advanced protective DNS solutions.

Looking ahead, Ratner expects DNS protection to steadily increase – to keep pace with C2 innovation that will surely come from adversaries. As new attack patterns emerge, HYAS plans to adapt and expand its solutions to shut down all types of C2 communications, he says.


Pulitzer Prize-winning business journalist Byron V. Acohido is committed to raising public awareness about how to make the Internet as private and secure as it should be.

(LW provides consulting services to the suppliers we support.)

May 29, 2024

Back To Top