Network security company Infoblox today announced its Technology Alliance Partner (TAP) Program, which has more than 30 partners to exchange information on different types of attack methods and fixes.
Infoblox uses domain name system (DNS) to identify what is occurring within a network — whether a new device has entered, what kind of device, if it has a malicious IP address, or shows suspicious traffic patterns.
“As we’re out deploying our products with our customers, we found that any particular vendor cannot solve all of the security problems, so vendors need to collaborate,” says Kanaiya Vasani, VP of corporate development with Infoblox.
Using its DNS insight, Infoblox is able to see a detailed view of what is happening within a network. And when it sees malicious activity, Infoblox will alert other vendors of the attack or vulnerability and exchange information using an application program interface (API).
This API allows for companies in the program to communicate information about certain attacks and how to offer the best protection. For example, Infoblox will look for suspicious activity in its DNS interface, and if it sees something out of the ordinary, will send that IP address to a company like Qualys to scan through it.
“We can immediately take that info through our outbound API and notify Qualys that they should trigger an immediate scan of the device,” Vasani says. Similarly, security company Carbon Black connects its threat intelligence to Infoblox’s DNS firewall data to provide a more well-rounded view of the network.
Infoblox’s overall goal is to partner with security companies in a specialized space to give more specific insight into breaches. Because Infoblox gives so much context into what is happening within a network, it’s a good starting point to identify malicious activity of any kind, Vasani claims.