360 DTADTA is our solution for enterprise customers to gain DNS visibility on their networks. It gives customers the ability for In-depth detection and analysis oftheir corporate DNS traffic, so both unknown and known threats can be discovered.
Cybersecurity,visibility is 1 and others are 0
Enhance customer threat detecting andinvestigating capability
Improve day-to-day security operations
Backed by both 360 enterprise and our own high quality threat intelligence data, DTA takes customer’s network DNS traffic, and apply multi-vector analysis algorithms to accurately detect both unknown and common threats lurking inside corporate's network.
Improve detection of unknown threats
DTA provides efficient threat analysis tools to better detect advanced and unknown threats, and improves the overall threats visibility.
Unknown threat detection
Through innovative models such as heartbeat domain name recognition, NOD domain name recognition, DTA detects previous unknown threats that cannot be effectively covered by existing intelligence data and rules.
Automatic threat analysis
Equipped by our many years of research on malicious programs and network attacks, the system adopts many highly sophisticated modules that extract attacker behavior patterns and traffic characteristics, which lead to success detection of real malicious behaviors.
Threat intelligence graph
DTA has advanced built in graphic system, which integrates multi vector data feeds such as PassiveDNS, Whois, certificate, URL, sandbox, honeypot.. and that gives the user a powerful tool for pivoting and researching various data points.
DTA supports two data access methods: traffic mirroring and DNS server log forwarding via syslog