Palo Alto Networks’ DNS Security Service uses machine learning and threat intelligence to block malicious domains, detect domain generation algorithms (DGAs), and disrupt DNS tunneling. It processes IP addresses and User-ID data for visibility and analytics, with opt-out options for customers. Data is stored in regional GCP or AWS centers, and cross-border transfers comply with EU Standard Contractual Clauses. Customers and Palo Alto teams (SREs, researchers, support) have access under strict controls. Retention for analyzed domains is 90 days. Security is enforced through Trust 360, with layered safeguards across data transmission, storage, and access.

Join for free to read