In cybersecurity, some of the most dangerous threats aren’t loud. They’re quiet, lingering in misconfigurations and oversights—like DNS. Patrick Sullivan, CTO of Security Strategy at Akamai, explains how DNS vulnerabilities often go unnoticed for years, only to be exploited in devastating ways. “Because DNS has built-in resilience… a misconfigured DNS entry can fail silently while other entries respond,” he says.

That was exactly the case in one real-world scenario: a misconfigured DNS record remained undetected for years until a third party registered the domain and exposed the risk. By then, attackers had all they needed.

From Silent Failure to Full Compromise
The answer, according to Sullivan, is continuous monitoring integrated directly into existing security operations. “Plug into the existing workflow—that’s the way we go about it,” he says, referencing integrations into SOC and SIEM systems.

But these aren’t just theoretical risks. Patrick points to real attack campaigns—especially in the southern hemisphere—where adversaries begin by compromising DNS at the registrar level. That one move gives them wide-ranging control.

When DNS Becomes a Gateway for Attackers
“Once an adversary controls DNS, they can manipulate mail records, like MX entries, and intercept or redirect email traffic,” Sullivan explains.

Even worse, many SaaS platforms use DNS-based validation to verify domain ownership. If attackers control the DNS, they can pass those checks and commandeer entire SaaS applications.

“It’s lateral movement via DNS,” Sullivan says—one that bypasses conventional security controls and leads to organizational compromise.

With DNS underpinning everything from SaaS validation to email flow, visibility into DNS posture isn’t optional—it’s foundational. Akamai’s solution focuses on that visibility, surfacing hidden misconfigurations and enabling teams to act before attackers do.