Overview of Microsoft Defender for DNS
Important
As of August 1 2023, customers with an existing subscription to Defender for DNS can continue to use the service, but new subscribers will receive alerts about suspicious DNS activity as part of Defender for Servers P2.
Microsoft Defender for DNS provides another layer of protection for resources that use Azure DNS's Azure-provided name resolution capability.
From within Azure DNS, Defender for DNS monitors the queries from these resources and detects suspicious activities without the need for any extra agents on your resources.
Availability
Aspect | Details |
---|---|
Release state: | General availability (GA) |
Pricing: | Microsoft Defender for DNS is billed as shown on the pricing page |
Clouds: | ![]() ![]() ![]() |
What are the benefits of Microsoft Defender for DNS?
Microsoft Defender for DNS detects suspicious and anomalous activities such as:
- Data exfiltration from your Azure resources using DNS tunneling
- Malware communicating with command and control servers
- DNS attacks - communication with malicious DNS resolvers
- Communication with domains used for malicious activities such as phishing and crypto mining
A full list of the alerts provided by Microsoft Defender for DNS is on the alerts reference page.
Dependencies
Microsoft Defender for DNS doesn't use any agents.
Next steps
In this article, you learned about Microsoft Defender for DNS.
For related material, see the following article:
Security alerts might be generated by Defender for Cloud or received from other security products. To export all of these alerts to Microsoft Sentinel, any third-party SIEM, or any other external tool, follow the instructions in Exporting alerts to a SIEM.
Phản hồi
https://aka.ms/ContentUserFeedback.
Sắp ra mắt: Trong năm 2024, chúng tôi sẽ dần gỡ bỏ Sự cố với GitHub dưới dạng cơ chế phản hồi cho nội dung và thay thế bằng hệ thống phản hồi mới. Để biết thêm thông tin, hãy xem:Gửi và xem ý kiến phản hồi dành cho