Well, mainly our department is responsible for identifying website categories. The ML specialists focus on parsing and timely crawling these categories, processing third-party sources with thematic lists of domains, balancing and verifying records from all sources, and forming the final database assemblies. These assemblies serve as the foundation for our work and the solutions we provide to our clients.

SafeDNS employs various models to classify texts, creating a training dataset from manually tagged websites on specific topics. Mathematical models, such as binary classifiers and neural networks for different languages, are prepared to determine if a site corresponds to a given topic. Predictions are made with a certain probability, utilizing over 100 models to consistently assess sites. The final verdict is reached by aggregating this data, taking into account the trust level assigned to each data source. We use text models as well as models for image processing (specifically for identifying explicit content) and heuristics-based models for alternative site classification.

The main challenge lies in the small number of sites in a particular language available for training samples. Additionally, complexities arise with hieroglyphs, rare dialects, and when working with regions in Asia and Southern countries. To address these challenges, we utilize synthetic data and, in some cases, translate language models from more popular languages. Working with English is advantageous, as over half of the world’s internet content is in this language.

To understand site popularity and facilitate additional categorization in new regions, we analyze user logs.

Here I should add that the job takes us to the most hidden, sometimes darkest corners of the Internet. It is quite an adventure, really. Thanks to this, our solution is able to identify and categorize resources even in the rarest languages, which is definitely our advantage.

There is no surprise there. Key metrics include accuracy and error rate.

Sure, we do rely on customer feedback to initiate timely retraining of models in case of expected degradation. As I said earlier, we are able to categorize websites in quite rare languages. Actually, our clients and their feedback help us a lot in terms of recategorizing those types of resources.

I am calling it. Just kidding. First of all, SafeDNS is a company with 13 years of solid experience, a diverse client base that ensures comprehensive error correction, and trusted partners that provide us with domain list improvement.

Secondly, I would like to underline that our text models (currently we have more than 1000 of them) are trained on a huge number of different and complex resources, which means that we do not just look through the Wikipedia pages and that is it. Our crawlers, just like search engines, go through websites once a month and do so at high speed.

What else makes us different? Well, I guess, it is our unique database: it contains 2 billion URL records and includes 20% more phishing sites than other companies’ databases. The ones within the industry must know that URL categorization is way more complex to accomplish, you just cannot afford to have a smaller database.

Seems like I could go on forever answering this question, right? I just want to add one more thing: the fact that we use Passive DNS technology makes us able to track connections between domains from a historical perspective. For example, say you approached a random domain. We can see that a while ago there was a phishing site pointed to the same IP. The SafeDNS filtering will check that domain more often than the others and pessimize it since its reputation is obviously questionable.

And finally, if we speak about machine learning particularly, I should say that despite recent hype around this phenomenon, it is not a magic wand and requires human involvement. Even a classification accuracy of 99% in a database of 100 million records results in 1 million errors, which is a huge number. That is why we pay serious attention to the human factor. There is manual tagging and 24/7 top-notch technical support to handle error-related issues.

We are planning to move towards a list of new categories, introducing more segmented topics. While we currently have 60+ categories, we aim to expand to 120+, allowing for better segmentation of domains and increased accuracy.

HOME

A: We have a solution involving the Agent app for your case. You can install the SafeDNS Agent on each device. This way devices can have different filtering policies at the same time since the Agent can work together with the router setup. Our Agent supports Windows, Linux, and Android. Here are links to the Agent setup guides: Windows, Android.

A: Sure. You just need to block the Online Ads category on your dashboard in case there is a need to avoid ads.

A: Currently, the SafeDNS service does not support DNS over HTTPS feature. Development of this feature is in progress, and it will be released in the 1st quarter of 2024, so stay tuned for news and updates!

BUSINESS

A: SafeDNS has a full-fledged categorization database and offers 2 ways of working with it: Categorization API and Categorization SDK.

Categorization API is a tool for obtaining a category from the cloud: there is no need for any resources for storing and operating the database. With the database being refreshed every 24 hours, Categorization API ensures that users have the most up-to-date information at their disposal.

Categorization SDK is an offline option, granting quick and convenient access without the need for a constant internet connection. Categorization SDK offers an increased network bandwidth, its processing speed is 70,000 requests per second.

Here is the article that provides detailed information on our categorization database.

A: Let’s put it this way: we offer 2 features – DynDNS and DDclient. Both are suitable in case you have a dynamic IP address but your router does not have a Dynamic DNS feature. The difference is only in the way of working. With DDclient, you download it and within the installed client DNS is to be configured, while DynDNS makes your IP automatically update using a third-party service (for example NoIP).

Here are the links to installation guides: DDclient and DynDNS (scroll down to the DynDNS part).

A: You can block any top-level domains (TLDs) adding them to Denylist on the Dashboard.

A: Sure, you can use our domain check feature here. 

#1 Artificial Intelligence (AI) and Machine Learning (ML) in Cyber Attacks

The widespread use of Artificial Intelligence (AI) and Machine Learning (ML) by cyber attackers represents a substantial shift in the cybersecurity paradigm. These technologies empower malicious actors to craft more adaptive and nuanced threats, challenging the effectiveness of traditional cyber security measures.

In response, cybersecurity professionals are harnessing the power of AI for defensive purposes. The emphasis lies in developing advanced threat detection and prevention engines that leverage machine learning algorithms to identify anomalies, predict potential insider threats, and automate responses. This proactive approach aims to outmaneuver cybercriminals by staying ahead of the evolving tactics they employ.

As the deployment of AI in the cybersecurity sector matures, it brings forth not only opportunities but also ethical considerations. The industry is grappling with issues such as bias in AI algorithms, the explainability of AI-driven decisions, and the potential misuse of AI for offensive purposes. Addressing these challenges is integral to ensuring the responsible and effective integration of AI into cybersecurity practices.

#2 Credential Theft Through Phishing

The evolution of work models and digital data, driven by the remote and hybrid workforce trends, has led to a significant uptick in cyberattacks targeting user passwords and credentials. Credential theft and data breaches, particularly through phishing, have become an unfortunate reality in our digital landscape. To counteract this trend, organizations must fortify their defenses with robust security measures.

Implementing a stricter password policy, advocating for the use of password managers, and enabling multi-factor authentication wherever possible are essential steps in safeguarding against credential theft. Moreover, protecting privileged accounts through access control protocols and fostering employee education on cyber threats are crucial components of a comprehensive defense strategy. Content filtering solutions that prevent users from clicking on untrusted links or being directed to malicious resources add an extra layer of protection against the insidious threat of credential and identity theft.

#3 Zero-Trust Architecture

The concept of Zero-Trust Architecture has gained significant popularity, challenging the conventional security model that relies on perimeter-based defenses. In a Zero Trust environment, trust is never assumed, and everyone attempting to gain access to resources must undergo verification, irrespective of their location or network connection.

Organizations are increasingly embracing Zero-Trust principles to enhance their security posture. This involves continuous verification, least-privilege access, and dynamic access control. By implementing stricter access policies, enterprises aim to minimize the risk of unauthorized access and lateral movement within networks, providing a more resilient defense against sophisticated cyber threats.

The adoption of Zero-Trust Architecture also requires a cultural shift within organizations. It necessitates a move from the traditional mindset of trusting entities within the network perimeter to a more vigilant approach where trust is established through continuous verification. This cultural shift is often as crucial as the technological aspects of implementing a Zero-Trust framework.

#4 Cloud Security Enhancements

As organizations continue to migrate to cloud environments, the focus on strengthening cloud security measures becomes paramount. Cloud services offer unparalleled flexibility and scalability, but they also present new challenges in terms of securing sensitive data stored and processed in the cloud.

Ensuring data integrity and confidentiality remains a top priority in cloud environments. Consequently, cloud security solutions are undergoing continuous enhancements to provide robust threat detection, encryption, and comprehensive access control. These measures are essential for safeguarding sensitive information, securing digital transactions, preventing unauthorized access, and mitigating the risks associated with cloud-based operations.

The evolution of cloud security also involves addressing concerns related to shared security infrastructure and responsibility models. While cloud service providers are responsible for the security of the cloud infrastructure, organizations must actively manage the security of their data and applications within the cloud. Understanding and implementing shared responsibility best practices are crucial for establishing a resilient and secure cloud environment.

#5 Internet of Things (IoT) Security Concerns

The proliferation of Internet of Things (IoT) devices presents a unique set of cybersecurity challenges. Insecure IoT devices can serve as potential entry points for cyberattacks, creating vulnerabilities within interconnected networks. The increasing number and variety of IoT devices further amplify security challenges and the complexity of securing these interconnected ecosystems.

Cybersecurity professionals are intensifying their efforts to enhance the security of IoT and mobile devices. This includes implementing strong authentication mechanisms, robust encryption protocols, and continuous monitoring to detect and mitigate potential IoT-related cyber threats. As the number of IoT devices continues to grow, the need for proactive security measures becomes increasingly apparent.

The evolving landscape of IoT security also demands collaboration among manufacturers, developers, and regulatory bodies. Establishing industry-wide standards and best practices for IoT security is essential to creating a more secure and resilient IoT ecosystem. Additionally, end-users play a crucial role in IoT security by ensuring that devices are regularly updated, configured securely, and integrated into networks with careful consideration for potential security risks.

#6 User Education and Awareness

Human error remains a significant factor in cybersecurity incidents, emphasizing the need for ongoing educational initiatives within organizations. Cybersecurity training for employees is not a one-time endeavor but a continuous process that evolves alongside emerging threats and technologies.

Educational efforts should focus on raising awareness about phishing attacks, promoting secure password practices, and instilling general cybersecurity hygiene. A well-informed user base serves as a critical line of defense against social engineering attacks and unintentional security lapses. Simulated phishing exercises, interactive training modules, and regular updates on the latest cyber threats contribute to creating a resilient and security-conscious organizational culture.

Moreover, organizations must foster a sense of responsibility among employees regarding their role in cybersecurity. Empowering individuals to recognize and report potential security incidents, emphasizing the importance of adhering to security policies, and promoting a culture of accountability contribute to building a robust human firewall against cyber threats.

#7 Collaborative Threat Intelligence

The landscape of cyber threats is increasingly interconnected, necessitating the need for collaborative efforts in sharing threat intelligence. Attackers employ cooperative strategies, and defenders must adopt a similar approach to stay ahead of evolving threats. Collaborative efforts significantly enhance cybersecurity measures and the collective ability to anticipate, detect, and respond to cyber threats effectively.

Information-sharing initiatives and partnerships are on the rise to facilitate the exchange of threat intelligence. Sharing insights about emerging threats, attack techniques, and vulnerabilities enables organizations to fortify their defenses proactively. Collaborative threat intelligence also plays a crucial role in the attribution of cyberattacks, aiding in the identification and apprehension of threat actors.

The collaborative approach to threat intelligence extends beyond organizational boundaries. Public-private partnerships, information-sharing platforms, and industry-specific alliances contribute to a more comprehensive and responsive cybersecurity ecosystem. As the cybersecurity community acknowledges the interconnected nature of threats, collaboration has become an integral component of a robust defense strategy.

In conclusion, the outlined trends underscore the critical importance of advanced technology, ongoing education, and collaborative efforts in navigating the dynamic landscape of cybersecurity in 2024. By staying informed about cybersecurity trends, embracing cutting-edge solutions, and fostering a culture of cybersecurity awareness, organizations and individuals can collectively strengthen their defenses and confidently confront the challenges of the digital age. As we live in a fast-paced digital reality, the proactive adoption of these trends will be instrumental in building a resilient defense against emerging cyber threats.