Securd DNS

Welcome to the official documentation for Securd DNS, a core component of the DigitalStakeout XTIR platform. Whether you're a network administrator, threat analyst, or cybersecurity leader, this documentation provides the guidance you need to deploy and manage DNS security that actively protects and responds.


🔐 What is Securd DNS?

Securd DNS is a secure DNS resolution and filtering service integrated into XTIR. It stops threats before they reach your network by applying real-time intelligence, policy controls, and logging—all with minimal latency.

By linking DNS visibility with threat intelligence and automated enforcement, Securd DNS transforms DNS from a utility into a powerful response mechanism.


🧠 Key Capabilities

  • Threat-Aware DNS Resolution
    Automatically block malicious domains, botnet callbacks, phishing infrastructure, and more using XTI-driven intelligence.

  • Granular Filtering Policies
    Apply rules by group, IP, domain category, or time to enforce acceptable use, reduce digital risk, and meet compliance goals.

  • Fast, Resilient Infrastructure
    Redundant, low-latency global resolvers ensure uptime and performance with support for DNS over HTTPS (DoH) and DNS over TLS (DoT).

  • Real-Time DNS Logging & Alerts
    Monitor query activity in real time, trigger alerts on suspicious behavior, and export enriched data for deeper investigation.

  • Integrated Response
    Blocklists can be driven by live threat detections from the XTIR platform, allowing DNS filtering to react instantly to emerging IOCs.


⚙️ Getting Started

Securd DNS is easy to configure for organizations of all sizes.

Included in this Documentation:

  • Setup Instructions
    Configure Securd DNS on your firewall, router, endpoint, or VPN for outbound DNS control.

  • Policy Management
    Define filtering rules, access groups, and block/allow lists.

  • Integration Guides
    Connect Securd DNS with SIEM, SOAR, and DigitalStakeout’s XTIR automations.

  • Debugging & Optimization
    Troubleshoot DNS resolution issues, review failover modes, and tune performance.


🛡️ Real-World Use Cases

| Use Case | Description |
|---|---|
| Phishing Domain Blocking | Automatically block users from accessing phishing domains as soon as they are detected in threat feeds. |
| Command & Control Disruption | Stop malware from calling home by preventing DNS lookups to known C2 servers. |
| User Access Enforcement | Restrict internet access based on role, device, or time-of-day policies. |
| DNS Tunneling Detection | Alert on and block suspicious DNS patterns used for data exfiltration. |