TEHTRIS XDR/DNS Firewall is a DNS security module integrated into the TEHTRIS XDR Platform that monitors and protects DNS traffic from various threats. The solution continuously analyzes DNS queries and resolutions to detect and block malicious activities including phishing, malware, command and control communications, crypto miners, and domain generation algorithms (DGA). The DNS Firewall uses Machine Learning and Deep Learning techniques to systematically analyze all DNS requests. It incorporates the CYBERIA artificial intelligence engine to identify domains generated by DGA algorithms and blocks access to newly created domains that may pose security risks. When anomalies are detected or matches are found in the threat knowledge base, DNS requests are automatically blocked or alerts are generated. The solution provides configurable control lists that allow organizations to adapt filtering policies according to their specific security requirements. It supports various infrastructure types and is compatible with sensitive environments including IoT and BYOD deployments. As part of the TEHTRIS XDR Platform, the DNS Firewall sends all detected anomalies and blocked events to a centralized console. The platform includes a Raw Data section that aggregates all logs for forensic investigations. Users can access SOAR capabilities with No Code Automation to create custom playbooks and integrate with partner solutions. The threat knowledge base enables real-time identification of suspicious activities, while Deep Learning neural networks detect both known and unknown threats.