This new report from Gartner, is filled with rich details about the many ways that the DNS can be used to harden network defenses.
DNS presents security and risk management leaders with some excellent opportunities to anticipate, prevent, detect and respond to prevailing threats. Organizations should implement DNS security to protect users, devices and other critical infrastructure.
Implement DNS threat prevention and blocking capabilities — and, if possible, also monitor DNS traffic for other anomalies like data exfiltration. In some cases this might not be a new product, as this functionality may be present in one of your existing products. Ideally it can be used for enforcement as well as monitoring use cases.