New Farsight Security Research Reveals Majority of Organizations Failing To Adopt Key DNS Defensive Measures

Nearly 4,000 Organizations Tested, including Leading Global Corporations and more than 1,700 Colleges and Universities

For Immediate Release

San Mateo, California — March 06, 2018 — Farsight Security, Inc. Introduced research today in which it tested the primary domain of nearly 4,000 organizations, including leading global corporations and more than 1,700 colleges and universities with .edu domains. The results of the research are concerning, showing that the majority of the organizations evaluated are failing to leverage key DNS defensive measures, putting them at higher risk for avoidable security breaches.

Every organization, large or small, that conducts business over the Internet will eventually be attacked. Yet many organizations are foregoing DNS-delivered defensive techniques, which could improve their online security posture.

To find out if your organization was included in this research report, “Farsight Security Global DNS Defense Report, Q1 2018” and obtain the corresponding results, visit Farsight Security is making this limited offer for the next 30 days, until April 6th, 2018.

Farsight Security tested the primary domain of each entity in order to assess adoption of emerging technologies and key DNS defensive measures. Among the report findings:

  • Overall, Internet Protocol v6 (IPV6) and Domain Name System Security Extensions (DNSSEC) adoption is extremely low, particularly for financial services organizations, of which only 3.8 percent use DNSSEC; only 14.6% have IPv6 connectivity;

  • Adoption of Domain-based Message Authentication, Reporting & Conformance (DMARC), which is designed to detect and prevent email spoofing, remains low. Only 20.6 percent of subjects have a DMARC policy established, meaning that email continues to be at high risk for phishing and other domain-based attacks;

  • Nearly 80 percent of organizations are using Sender Policy Framework (SPF) records, which is helping them to fight spam and phishing attacks;

  • Higher education institutions, which often tend to be technology early adopters, demonstrate a more proactive stance than leading global corporations in implementing some of the tested factors.

“Our findings show that despite the growing trend of attacks that DNS could help to defend against, large enterprises and educational institutions are not conducting basic hygiene functions related to DNS,” said Paul Vixie, CEO Farsight Security. “Pulling back the covers makes it very apparent that infrastructure teams and security teams should be working together directly to ensure all DNS security measures are deployed and enforced. As online attacks via the Internet continue to hold court in board meetings globally, this is an opportunity for CIOs and CISOs to band together and better secure their infrastructure for the good of the organization.”

The full report and Farsight Security’s recommendations to improve an organization’s DNS security position can be viewed here

About Farsight Security, Inc.

Farsight Security is the world’s largest provider of historic and real-time passive DNS data. We enable security teams to qualify, enrich and correlate all sources of threat data and ultimately save time when it is most critical - during an attack or investigation. Our solutions provide enterprise, government and security industry personnel and platforms with unmatched global visibility, context and response. Farsight Security is headquartered in San Mateo, California, USA. Learn more about how we can empower your threat platform and security team with Farsight Security passive DNS solutions at or follow us on Twitter: @FarsightSecInc.

Karen Burke
Director of Corporate Communications
Farsight Security, Inc.