SYDNEY, August 5, 2025 — Infoblox, a leader in cloud networking and security services, today announced major enhancements to its Protective DNS solution, Infoblox Threat Defense™, empowering organisations to stay ahead of sophisticated, AI-driven cyberthreats with preemptive security.

As global cybercrime costs surge toward US $23 trillion by 2027,¹ traditional “detect and respond” security tools are struggling to keep up. Modern attackers increasingly deploy AI to create unique, single-use malware and stealthy phishing campaigns that evade traditional defences—making it more likely than ever that any organisation can become “patient zero.”

Infoblox’s Protective DNS solution, Infoblox Threat Defense, stops threats before they impact infrastructure by combining predictive threat intelligence with algorithmic and machine learning based detections—blocking high-risk and malicious domains an average of 68 days earlier than traditional tools, with an industry-leading 0.0002 per cent false positive rate.

“The difference between most DNS security tools and our approach is like the difference between law enforcement chasing street-level drug dealers versus taking down the cartel,” said Mukesh Gupta, chief product officer, Infoblox. “We target the suppliers behind the cyberattackers—the cartel—so threats can be blocked before they ever reach the network. This preemptive strategy helps security teams reduce risk, eliminate noise and stop threats at the DNS layer before they ever reach the network.”

To help customers get ahead of the new wave of AI-driven threats, Infoblox is continually delivering groundbreaking threat intelligence—solidifying the role of Threat Defense as a proactive, highspeed threat blocker. From better visibility and actionable insights to flexible licensing and clear metrics on preemptive protection, these new innovations are designed to help security teams close gaps before attackers can exploit them:

• Protection Before Impact: Provides security leaders with clear, quantifiable metrics on threats neutralised before they can cause damage, streamlining reporting and demonstrating security ROI.
• Security Workspace: An intuitive, centralised interface that gives security teams deep visibility into their environment with actionable insights to reduce risk and ultimately speed their mean time to respond (MTTR).
• Detection Mode: Provides organisations visibility into threats they’re missing today— without changing existing DNS configuration, minimising operational risk.
• Asset Data Integration: Delivers deep context into what was protected as part of the preemptive strategy, enabling security teams to do further investigation and analysis.
• Token-Based Licensing: Flexible, token-based pricing aligned to protected assets simplifies procurement and drives clearer ROI.
• Powering Google Cloud’s DNS Armor: Infoblox’s Protective DNS capabilities also power Google Cloud’s DNS Armor, providing native security for cloud workloads, with public preview later this year

Infoblox Threat Defense gives security teams predictive insights to block attacks as threat actor infrastructure is being created—before malware is even deployed and long before a patient zero is hit. Unlike traditional security tools that must wait for the first victim to detect and respond, Infoblox’s approach can preempt the attack entirely.

By stopping attacks earlier, Infoblox reduces the load on detect-and-respond tools, such as XDR and SIEM—aligning with Gartner’s view that preemptive cybersecurity will replace 40 per cent of traditional solutions by 2028. The latest NIST SP 800–81 guidelines reinforce this shift, noting that DNS can often prevent security incidents earlier than other systems.

“Traditional ‘detect and respond’ security simply can’t keep pace with today’s AI-driven attackers and malware. Cybercrime is evolving faster than ever, costing the world trillions and exploiting gaps in legacy defences,” said Scott Harrell, president and CEO, Infoblox. “The legacy kill chain approach depends on someone else being ‘patient zero’ so those legacy systems can learn and react—but attackers today customise malware to target individual businesses or industries, rendering legacy, reactive approaches ineffective against modern AI-enabled attackers. When you’re patient zero, the only thing being ‘killed’ is your business. The future of cybersecurity must be preemptive: stop threats before they ever reach your organisation.”

“Across APAC, cyberattacks are growing more aggressive and calculated. From exploiting third-party access points to targeting critical systems—attackers are finding the cracks in our digital foundations and are using AI to strike faster and smarter than ever,” said Paul Wilcox, VP of regional sales, APJ. “For businesses in Singapore, where digital services are tightly woven into daily life, any downtime or confidentiality breach can be deeply disruptive. That’s why organisations here need to invest in earlier threat detection that starts at the DNS layer. Stopping an attack before it begins is far less costly than dealing with the aftermath.”

For deeper insights into our latest innovations and why preemptive DNS security matters more than ever, visit our Security Momentum launch blog. To see the latest research on evolving threats— including how DNS security blocks 82 percent of attacks before impact—read our 2025 DNS Threat Landscape Report.

1. “Key Cyber Security Statistics for 2025,” SentinelOne, May 15, 2025. https://www.sentinelone.com/cybersecurity–101/cybersecurity/cyber-security-statistics/