惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Tenable Blog
Engineering at Meta
Engineering at Meta
The Register - Security
The Register - Security
N
Netflix TechBlog - Medium
D
Docker
Vercel News
Vercel News
云风的 BLOG
云风的 BLOG
月光博客
月光博客
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
D
DataBreaches.Net
IT之家
IT之家
V
V2EX
人人都是产品经理
人人都是产品经理
F
Fortinet All Blogs
J
Java Code Geeks
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - 叶小钗
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
雷峰网
雷峰网
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
有赞技术团队
有赞技术团队
aimingoo的专栏
aimingoo的专栏
MongoDB | Blog
MongoDB | Blog
P
Privacy International News Feed
F
Full Disclosure
P
Proofpoint News Feed
B
Blog RSS Feed
T
Tor Project blog
T
The Blog of Author Tim Ferriss
B
Blog
Webroot Blog
Webroot Blog
腾讯CDC
T
Troy Hunt's Blog
T
Tailwind CSS Blog
H
Heimdal Security Blog
AWS News Blog
AWS News Blog
G
Google Developers Blog
Spread Privacy
Spread Privacy
NISL@THU
NISL@THU
A
About on SuperTechFans
SecWiki News
SecWiki News
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
I
InfoQ
M
MIT News - Artificial intelligence
大猫的无限游戏
大猫的无限游戏
美团技术团队
L
LangChain Blog

Infoblox Blog

The Missing Link in the Anti-Scam Chain: Why DNS Belongs in the Room. (DNS, GASA, Global Anti-Scam Alliance, DNS Threat Intelligence) Oracle Cloud Discovery for Universal Asset Insights | Infoblox Why Asset Discovery Integrations Start with Network Intelligence Infoblox Kentik Acquisition: AI-Driven Network and Security Intelligence Proxyware actor behind fake 7-Zip is bigger than you think! Using Protective DNS to Dismantle Global Scam Networks | Infosecurity Europe 2026 Residential Proxies: Why DNS Is the Stronger Play NIST Maps DNS Security to the Cybersecurity Framework 2.0 Trusted Infrastructure Data for AI and AgenticOps | Infoblox Meet Your Security Analyst’s New AI Teammate | Infoblox IQ DCloud Uni-App: One Framework, 236,000+ Scam Sites Operation Endgame VS SocGholish Fake Updates Human Judgment Hacks: How Lookalike Domains Work Residential Proxies in the Wild Unlocking Universal DDI on Equinix: Infoblox Brings Cloud-First DDI to Equinix Network Edge “Headless”? What Is It and Do I Need to Go There? The Alert Is Already Too Late The Half of Your Attack Surface Nobody Owns Infoblox Earns Terraform Partner Premier Status for NIOS Provider What 550 Security Leaders Just Told Us about the Age of AI, and Why Preemptive Digital Risk Protection Can’t Wait Lookalike Domains Expose the iPhone Theft Economy Amusing Numerology: Analysis of the Numbers in Domain Names 4 Trends Shaping the Future of Network Operations Preemptive Threat Disruption at Scale: How Infoblox and Axur Turn External Risk into Protection Why the Axur Acquisition Marks a Turning Point for Preemptive Security Don’t Wait To Be Attacked: Stop Phishing, C2 and Data Exfiltration with Infoblox Threat Intelligence in AWS Network Firewall Hold the Phone! International Revenue Share Fraud Driven by Fake CAPTCHAs AI, Project Glasswing and DNS: Beyond Vulnerabilities Three Infoblox Integrations with Google Cloud That Give Enterprise Teams More Control Over Their Networks Automating Infoblox DDI with Red Hat Ansible | Configuration as Code for DNS, DHCP and IPAM Hiding in Plain Sight: Abusing Composite Domain Names What You Cannot See is Hurting You Most NIST SP 800-81r3: A Long-Overdue Wake-Up Call for DNS Security Patterns, Pirates, and Provider Action: What We Learned Working with Keitaro NIST SP 800-81r3: What’s New? No Reach, No Risk: The Keitaro Abuse in Modern Cybercrime Distribution Unified Asset Visibility: A Strategic Imperative for CIOs and CISOs Infoblox Partners with Leading SASE Vendors to Modernize DNS and DHCP for Distributed Enterprises NIST DNS Security Best Practices: Top 5 Takeaways Break out the bubbly: NIST SP 800-81r3 has been published! Empowering Women to Lead in APJ: Infoblox at the Leadership Summit for Women in Technology, AI & Cyber
Protective DNS: Why Telcos Are Turning to DNS as the Platform for Consumer Security
Craig Sanderson · 2026-04-15 · via Infoblox Blog

For years, internet service providers have offered a range of consumer security services. These have typically focused on the endpoint and the home: secure residential gateways, parental controls and bundled antivirus or identity protection services.

What they have not historically done is treat the network itself as the primary enforcement point for security.

That is now changing.

Cybercrime has industrialized. Online fraud and scams are no longer edge cases. They are everyday risks for consumers. At the same time, governments, once cautious about intervening in internet traffic, are increasingly expecting networks to play a more active role in protecting users.

This is where Protective DNS (PDNS) is gaining momentum.

According to the latest HardenStance Briefing: Telco Strategies for Consumer Security report, PDNS is now the fastest-growing consumer security service offered by ISPs. It leverages a control point telcos already operate at scale, DNS, to stop threats before a connection is ever established, without requiring any change in user behavior.

A Natural Enforcement Point

Protective DNS applies threat intelligence directly to DNS queries, preventing users from resolving domains linked to malicious activity or unlawful content.

Because every online interaction begins with DNS, it creates a universal enforcement point. Whether a user clicks a link, installs an app or connects a device, DNS is involved.

By embedding intelligence at this layer, telcos can block:

  • Phishing and scam domains
  • Malware distribution sites
  • Command-and-control infrastructure
  • Illegal or regulated content

All of this happens transparently, without requiring software on the device or any action from the user. Security becomes part of the network itself.

HardenStance notes that telcos are increasingly combining endpoint protection, router-level controls and network-based security, with DNS emerging as a critical layer in that architecture.

Why DNS, and Why Now?

DNS is not a new technology, but its role is evolving.

From a technical standpoint, it is already ubiquitous and highly scalable. From a business standpoint, it sits at the intersection of two growing pressures.

The first is regulatory. Governments are introducing requirements around content blocking, online safety and cybercrime prevention, areas where DNS provides an efficient enforcement point.

The second is commercial. Consumers are increasingly concerned about scams, fraud and identity theft, creating demand for services that provide meaningful protection.

HardenStance forecasts steady growth in telco investment in consumer security, with spending expected to reach over $600 million by the end of the decade, reflecting both rising demand and increasing regulatory pressure.

This combination is turning DNS into more than infrastructure. It is becoming a platform for consumer security services.

Regulation Is Raising the Stakes

The shift toward Protective DNS is being accelerated by changes in government policy.

Countries such as Ukraine, Estonia and Latvia have already implemented national PDNS services. In the United Kingdom, initiatives like the National Cyber Security Centre’s (NCSC) Share and Defend and legislation such as the Online Safety Act reflect a broader move toward active intervention.

The scale of the problem is driving this shift.

Global scams are estimated to cost as much as $1 trillion annually,1 with fraud accounting for a significant proportion of all crime in some markets. In the United Kingdom, for example, fraud represents around 40 percent2 of all reported crime.

Against this backdrop, expectations are changing. Networks are no longer seen as neutral conduits. They are increasingly expected to act as a line of defense.

From Obligation to Opportunity

For telcos, this creates a strategic choice.

They can take a reactive approach, implementing controls only when mandated. But this turns security into a cost center, adding operational burden without creating differentiation or revenue.

They can participate in government-led initiatives, which may ease access to threat intelligence but still leave the telco responsible for delivery and ongoing costs.

Or they can take a more proactive path: using DNS as the foundation for consumer security services that not only meet regulatory requirements, but exceed them.

This is where PDNS becomes compelling. It offers a way to turn compliance into capability, and capability into opportunity.

The Intelligence Challenge

The success of this approach depends on one critical factor: threat intelligence quality.

Low-quality or generic feeds introduce false positives, miss emerging threats and ultimately erode trust. At carrier scale, accuracy and coverage are non-negotiable.

What’s required is DNS-native threat intelligence designed specifically to analyze how cybercriminal infrastructure operates and evolves.

Disrupting Cybercrime at Scale

Modern cybercrime is not a collection of isolated attacks. It is an ecosystem.

Domains used for scams, phishing and malware are created and discarded at high velocity. These are the disposable assets that victims encounter.

But beneath them sits a shared, persistent infrastructure that enables cybercrime to operate at scale.

At Infoblox, this infrastructure has been attributed to distinct DNS threat actors, groups that build and operate the systems that underpin large-scale cybercrime. These actors provide the ecosystem that allows campaigns to be launched, scaled and repeated with high efficacy.

This infrastructure does more than deliver malicious content. It enables attackers to profile victims in real time, increasing success rates while also obfuscating activity from security researchers and traditional defenses.

The rise of AI-driven scams is accelerating this further, enabling attackers to scale operations and refine targeting in ways that traditional defenses struggle to match.

DNS sits at the center of this ecosystem.

By analyzing DNS activity at scale, it becomes possible to identify not just individual domains, but the infrastructure patterns and threat actors behind them. This enables a shift from reactive blocking to proactive disruption.

At Infoblox, this has been described as targeting the “drone factory” of cybercrime: not just the outputs, but the machinery and operators that produce them.

For telcos, this is a critical shift. It means protection is no longer about chasing individual threats. It is about degrading the infrastructure that enables them.

Unlocking the Value of DNS Data

Telcos already possess one of the most valuable datasets in cybersecurity: DNS telemetry at scale.

Historically underutilized, this data can enhance detection, improve accuracy and contribute to broader intelligence ecosystems. It also creates an opportunity for telcos to move beyond consuming intelligence to generating it.

If data is the “new oil,” DNS data is one of the richest untapped reserves.

What Comes Next

The direction of travel is clear.

Cybercrime is growing in scale and impact. Governments are increasing expectations. Consumers are demanding better protection.

Protective DNS sits at the intersection of these forces.

What was once limited to a small number of large operators is now expanding globally, with telcos in both developed and emerging markets adopting DNS-based security at scale.

For telcos, the opportunity is significant, but so is the risk of inaction.

Those that move early can define the market, build differentiated services and strengthen their role in the digital ecosystem. Those that wait may find themselves implementing security under pressure, with limited ability to compete.

DNS is no longer just infrastructure.

It is becoming the platform for consumer security.

Footnotes/References

  1. GASA Global State of Scams Report: $1T Lost to Scams. Harris, Robert. Feedzai. November 16, 2024. https://www.feedzai.com/blog/gasa-global-state-of-scams-report-1t-lost-to-scams/
  2. https://www.feedzai.com/resource/global-state-of-scams-report-2024/ Crime in England and Wales: year ending September 2025. Office for National Statistics (ONS) Centre for Crime and Justice. January 29, 2026. https://www.ons.gov.uk/peoplepopulationandcommunity/crimeandjustice/bulletins/crimeinenglandandwales/yearendingseptember2025