Select Product

Secure DNS

Free 14 days trial

Click to register

Start Demo

Cyber X-Ray

Deep domain  investigation.

Start a domain search now!
Registration is not required

DNS Visibility

Download and install DNS Visibility

VM ApplianceContact us.
Go to form
Solution by need

Find a Real Machine That
Generates Malicious
DNS Traffic


Client IP addresses vary, so they are not suitable for retroactive verification. They should be enriched with constant knowledge about computers and users. To address this shortcoming, the DNS log in the SIEM product can be enriched with the triple correlation rules of the DHCP and AD security protocols. However, it is not easy to collect logs from these scattered sources and correlate them. Moreover, importing all these logs directly into the SIEM product increases the number of EPS and the number of correlations. This has a negative impact on the cost of the product license.

Roksit’s Solution:

Roksit Visibility allows you to collect logs from many different brands and models of DNS servers, such as Microsoft DNS, Infoblox, BIND, Bluecat, EfficientIP, F5, Citrix, without having to change your network topology. The DNS Visibility Host Discovery feature detects the real device and user corresponding to the IP address. Reading the DHCP log finds out which machine is currently using the IP address. Active Directory, by reading the security log, detects the IP address of the user whois logged in. The log enriched with these features is made meaningful and forwarded to the SOC teams. Roksit performs this correlation automatically. It is enough to introduce these log sources into the system.

Click for detailed information about the product.

Ready to get started?

Start your free 14-days trial

Try Roksit free. No credit card required.