Search

Infoblox’s Chief Product Officer Offers His Vision of the Future – Six Five in the Booth

Infoblox’s Chief Product Officer Offers His Vision of the Future - Six Five in the Booth

On this episode of the Six Five in the Booth, Will Townsend of Moor Insights & Strategy is joined by Infoblox’s Mukesh Gupta, Chief Product Officer for a conversation on the future of cybersecurity in an ever-evolving threat landscape.

Their discussion covers:

  • Strategies to track the constantly evolving threat landscape
  • Emerging attack trends to watch
  • The significance of DNS in cybersecurity enhancements by Infoblox
  • Infoblox’s latest innovations for enhanced protection and control
  • Mukesh Gupta’s insights on the biggest challenges for security professionals in 2025

Learn more at Infoblox.

Watch the video below, and be sure to subscribe to our YouTube channel, so you never miss an episode.

Or listen to the audio here:

Disclaimer: The Six Five Webcast is for information and entertainment purposes only. Over the course of this webcast, we may talk about companies that are publicly traded and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors and we ask that you do not treat us as such.

Transcript:

Will Townsend: Hi so Six Five Media is on the road at RSA Conference 2024, and I’m speaking with Mukesh Gupta. He’s the Chief Product Officer for Infoblox. Mukesh, how’s it going?

Mukesh Gupta: Very good, thank you.

Will Townsend: How’s the show been for you so far?

Mukesh Gupta: It’s great. It just started and I’m really excited to be here.

Will Townsend: That’s great. Well, I’ve been working with Infoblox for the past year. Scott Harrell, your CEO, is someone that I got to know at Cisco quite well. And I was really amazed to learn about DNS and how there aren’t a lot of companies that are leveraging it for security and networking like Infoblox is. So I’m excited to have this conversation with you. And I want to kick things off around, we’re living in really trying times. Nation state attacks. I mean, adversaries are getting more sophisticated with cyber attacks and cyber crime. And the front landscape, it’s constantly evolving. I mean, how do customers keep track of all this?

Mukesh Gupta: Well, I look at it in three dimensions. For the first one is the number of attacks.

Will Townsend: Sure.

Mukesh Gupta: And if you look at about a few years ago, people were saying there is an attack every 39 seconds, and now there is an attack every 11 seconds. So by the time I finish this sentence, there’ll be yet another attack somewhere in the world. So that’s the first dimension. The second one that you mentioned is the sophistication of these attacks. These are not individual people anymore. These are criminal organizations and they just run just like a normal organization. They have large engineering teams. They’re starting to use AI and they’re in the business of making money.

So they’re innovating and this gen AI stuff is just going to give them all the powers to be more sophisticated, so that’s the second dimension. And the third dimension I look at is the impact of these attacks. And if you look at the ransomware payments, last one I heard was about $22 million. And the economic damage to an enterprise is in billions of dollars after they’re done dealing with these ransomware attacks. The one that really broke my heart was this piece of news that I read about 1 1/2 years ago. It was a hospital in Alabama that was dealing with a ransomware attack and they couldn’t provide care to an infant and the infant died.

Will Townsend: Tragic.

Mukesh Gupta: Tragic. So that’s the impacts. And all three dimensions, things are just getting worse and worse every day.

Will Townsend: And I think one of the most highest profile ransomware attacks recently was the MGM Grand. And it’s not in any way as dramatic as what you just described with the hospital, but think about the millions and billions of dollars that MGM Grand lost when patrons could not use their keys to get into their rooms, casino machine shut down and it was a worldwide phenomenon. It wasn’t just in Las Vegas, Nevada.

So these bad actors are getting very sophisticated. And you brought up a great point, generative AI is almost like a double-edged sword. It’s allowing adversaries to become more sophisticated in their attacks, but it can also be used for good by defenders. But I want to get back to specific attack trends. And is Infoblox seeing anything specifically sort of bubble to the surface recently?

Mukesh Gupta: Yeah. Last year, the one that we saw bubbling up was these attackers using look-alike domains of the single sign-on companies, and that’s the one that was actually used at MGM. So what they do is they create these domains of Okta, Ping identity and they look very similar. They’ll replace O with some

Will Townsend: Just one-

Mukesh Gupta: Character. And they’re starting to use non-English characters that look exactly like those English characters with very subtle difference. So when people get these phishing emails, they click on them, it actually looks like Okta, or Ping. So they get fooled and they enter their credentials, and now these attackers have the credentials of these employees. Once they get that, they have access to all the applications this employee has because now they have cracked into their Okta account. So that’s the one we saw bubbling up quite a bit. Last year we saw about 1600 domains, these look-alike domains of the single sign-on and multi-factor authentication.

Will Townsend: It seems like identity is the new hack. I mean, it’s always been happening, but I mean I’m seeing the same thing.

Mukesh Gupta: And it’s dangerous because it’s the keys to the kingdom. Once you log into someone’s Okta account, then you get access to all the applications.

Will Townsend: So I know that Infoblox has been very focused on addressing a lot of these issues. There’ve been a lot of recent announcements. One SOC Insights I think was phenomenal. I published a research note on this when you launched it. There’s a paper from our firm that’s going to be published very soon. But what are some other things that you’re doing to really leverage the power of DNS to provide visibility and higher levels of protection for your customers?

Mukesh Gupta: So DNS is really the foundation of an enterprise as well as the internet. Nothing works without DNS.

Will Townsend: It’s like the phone book for the internet. It’s the way I like to look at it.

Mukesh Gupta: I call it like electricity. It’s powering everything, but you don’t realize the importance of it before an outage. Just a few weeks ago, I had an outage, PG&E outage, and I realized I couldn’t open my garage and I couldn’t take my car out. I didn’t think of that. So when these things happen, people realize the importance of DNS. And because DNS is such a foundational protocol, it is allowed through all the security tools and that’s why it’s the favorite protocol for attackers because it’s allowed everywhere.

So they can write it, they can do things with it. What’s interesting is it’s also an earliest to detection and prevention point for the defenders because any device that gets compromised, the first thing it does is make a DNS query to something bad. And if we can detect it there or stop it there, then you can prevent a lot of these bad things from the start. And that’s where we are focused because if we can use DNS as that prevention point, then we can effectively cripple these attacks.

Will Townsend: And I also find it fascinating that with Infoblox, your technology that’s rooted in DNS has the ability to determine if a URL can become weaponized and it can remain dormant for years. So can you go into a little more detail about the underlying technology that makes that a reality?

Mukesh Gupta: Yeah, so we’ve taken a very different approach than other people who are looking at DNS security. The way I like to describe it is if you were to eradicate drugs problem in a city, you could take two approaches. You could either go after the drug dealers and then you’ll have to go after a lot of them because there’s just a lot of them. You have to go after schools and streets and find these guys and try to eliminate them. And the second approach you could take is go after the cartel, which is the supplier of these drug dealers. And if you find the cartel and you block them and kill them, then you can effectively eradicate all the drug dealers as well.

Will Townsend: It’s a whole notion of distribution and then end sales, right?

Mukesh Gupta: Right. So the other security tools are going after the drug dealers. After a domain is weaponized, it’s hosting malware or is being used for phishing, that’s when they detect it and then they prevent it. Versus the approach we are taking is going after the cartel or the suppliers of this. And one of the examples of this is Prolific Puma, this organization is basically the equivalent of Bitly. They provide URL shortening services to all these cyber criminals.

So we found them. And now we are tracking them. They own 45,000 domains, so we can just block all of them in one shot. And now after this, if they buy a new domain, we pretty much know it’s going to be something bad. So we don’t have to wait for that domain to do something bad, we can just start blocking it now. With this new approach, we are able to detect these bad domains 63 days in advance than other tools.

Will Townsend: That’s amazing.

Mukesh Gupta: Right. And it’s also allowing us to deliver this really low false positive rate of 0.0002% so that’s three zeros after the decimal. So because, again, if the domain is bought and used by these bad actors, then the probability of doing something good is pretty much zero. So that’s the different approach we have taken. That approach is one innovation that has come out of Infoblox. You mentioned SOC Insights. One of the big issues with all security tools is we all generate a lot of alerts and these SOC people-

Will Townsend: There’s so much fatigue and it’s just like how do you manage that? And to your point, to have that level of accuracy is so critical because it reduces the noise that SOC analysts have to manage and deal with, right?

Mukesh Gupta: Right. So earlier this year we launched SOC Insights, which is an add-on to our BloxOne Threat Defense. What it does is it analyzes thousands and thousands of these alerts. It uses AI to consolidate them and generates fewer insights. So you can look at that insight and then we provide all the relevant information behind that insight, but it’s just one insight that SOC analysts can easily analyze.

So that was something we did earlier this year. And the third one we just launched last week is what we are calling Zero Day DNS. And what that is, there are 200,000 domains that are being purchased every day, and some of these go to these cyber criminals. So how do we effectively find and analyze this domain? Sometimes they use them within minutes or hours, they buy them and then they start using them for-

Will Townsend: Or they’re dormant for-

Mukesh Gupta: Or they’re dormant for years and then they surface back. So Zero Day DNS is about newly purchased domains and they get weaponized within minutes or hours. We are able to now stream those domains from our customers and then effectively analyze them really fast and then start preventing blocking those domains.

Will Townsend: And I’m seeing just a rise in zero day attacks as well. I mean there are a lot of famous ones in the news as well, and so it’s a huge issue. But it’s incredible that your platform can detect zero day, but also monitor these domains that can become weaponized within months or years. So it’s just super incredible. But as we wind up our conversation, I want to go to sort of a lightning round. It’s kind of a game show kind of thing. But what I’d like to do is give you a topic and you give me a one-sentence statement. I know it’s going to be hard to do as a product guy, but let’s give it a try. And the first one is Gen AI and its use in security.

Mukesh Gupta: We are using Gen AI. We’ll continue to use Gen AI to help our SOC analysts, as well as make our product easier to use.

Will Townsend: I love it. I love it. Okay number two, complexity of cloud management and delivery. I could speak forever on this one.

Mukesh Gupta: Yeah, so we have so many customers using DNS, DHCP, IPAM across four, five different clouds. We are going to unify the management of that to help our customers.

Will Townsend: That’s great. And I’ll just add, one of the biggest challenges with cloud networking is just the disparity in architectures, and the lack of visibility and the gaps that are created. Oh, this is a good one. You should have a good one for this, DNS.

Mukesh Gupta: DNS. DNS is the foundation on which we operate. So we will continue to invest heavily in DNS to fight the cyber criminals and keep our customers safe.

Will Townsend: I love it. And finally, everything as a service.

Mukesh Gupta: Everything as a service. That’s the trend. The CloudOps teams want everything as a service, and we are investing heavily in providing our DNS security as a service. Our DDI, which is DNS, DHCP, IPAM as a service. And we’ll continue to invest in that so our customers can just use the services and not have to deal with infrastructure.

Will Townsend: I’ll just say it’s like why aren’t there other companies that are leaning into DNS as heavily as Infoblox? Do you have an answer for that?

Mukesh Gupta: I don’t know.

Will Townsend: Yeah, I mean it really kind of separates you from the pack and really differentiates you, but I want to ask you a crystal ball question and as an analyst, I wish I had a crystal ball because if I did, I’d be right all the time. But if you had a crystal ball, what do you think the biggest challenges that security professionals are going to face in the year 2025,

Mukesh Gupta: A few. So Gen AI is a big trend, I think it’ll create this situation where AI is fighting the AI, so it’ll be used by the offenders, like we talked about.

Will Townsend: It’s that double-edged sword.

Mukesh Gupta: It’s a double-edged sword. So we will have to up our game and the security tools will have to use Gen AI to fight these sophisticated attacks that are using Gen AI. So it’s just going to create both sides, offenders and defenders. The second one is, as all the enterprises start to build these Gen AI products, the security industry will have to figure out how to protect these Gen AI-based products because these standard security tools-

Will Townsend: The models, the apps, the data, all of it, right?

Mukesh Gupta: Right. And the third one I think is I’m just wary of these lookalike domains. I look at them and they’re just so hard to distinguish and people don’t have a lot of patience these days. You’re just working too fast and people end up clicking on these domains. So these lookalike domains I feel like will be more and more dangerous, and people won’t be able to distinguish and fall for it.

Will Townsend: I agree with all of the above. And one of the biggest challenges is culture and it’s instilling a sense of culture at every aspect of the organization. So much of these attacks are socially engineered, and I really believe what Infoblox is doing with DNS can help address a lot of that social engineering. But Mukesh, it’s been a great conversation, very enlightening. And again, we will be publishing more insights and strategy, a research brief that will go into more detail around SOC insights and some of the other things that we’ve talked about today. But thank you so much for your time, it’s been a great conversation.

Mukesh Gupta: Thank you, Will. I had fun.

Will Townsend: Awesome.

Mukesh Gupta: Okay.

Author Information

Six Five Media is a joint venture of two top-ranked analyst firms, The Futurum Group and Moor Insights & Strategy. Six Five provides high-quality, insightful, and credible analyses of the tech landscape in video format. Our team of analysts sit with the world’s most respected leaders and professionals to discuss all things technology with a focus on digital transformation and innovation.

SHARE:

Latest Insights:

Brian Doty and Phil Tee join hosts Dave Nicholson and Lisa Martin to share their insights on the future of AIOps with Dell's integration of CloudIQ & Moogsoft, discussing the transformative potential for IT operations.
The Futurum Group Survey Underscores Security Market Trends Discussed at RSA Conference 2024
Krista Macomber, Research Director and Senior Analyst with The Futurum Group, shares her insights on The Futurum Group’s security intelligence data and the RSA Conference 2024.
Integration of Powerful Tools, Including Generative AI Solutions, Help Deliver Future Growth
The Futurum Group’s Keith Kirkpatrick and Daniel Newman cover WalkMe’s Q1 2024 earnings, which were marked by strong overall revenue and subscription growth and discusses the steps the company needs to continue its momentum.
Hannah Duce, Director at Rackspace, joins hosts Dave Nicholson and Lisa Martin to share insights on the exciting partnership with Dell and the launch of Rackspace Private AI, setting a new benchmark in tech collaborations.