DNSSEC
A set of extensions to DNS that provide cryptographic authentication of DNS data, preventing spoofing and cache poisoning.
What is DNSSEC?
What is DNSSEC?
DNS Security Extensions (DNSSEC) add cryptographic signatures to DNS records. When a resolver queries a DNSSEC-enabled domain, it can verify that the response hasn't been tampered with by checking the digital signature chain. This prevents DNS cache poisoning and spoofing attacks where an attacker redirects traffic by providing false DNS responses. While DNSSEC doesn't encrypt DNS queries, it ensures the integrity and authenticity of DNS responses.
Ready to secure your stack?
Secure your entire stack today
Start scanning in under 5 minutes. No credit card required. 14-day free trial included.