+ 001 0231 123 32



All demo content is for sample purposes only, intended to represent a live site. Please use the RocketLauncher to install an equivalent of the demo, all images will be replaced with sample images.

Blue Shield was founded in Austria in 2015. With just under 22 employees, the owner-managed company, under Alois Kobler, is in charge of DNS security.

RamgeSoft has been selling since 2018 Blue Shield Umbrella.


How does the BlueShield Umbrella work?

In short: Any request to the Internet requires a DNS server. Your requests to these DNS servers will be handled by BlueShield in the future. BlueShield checks and verifies your DNS traffic and can therefore detect anomalies immediately and in real time and protect you from them.

The idea of ​​the Zero-Trust is thus implemented 1 to 1 and you receive rinse another "protective layer" for your company.

Find out now which processes are behind it and what BlueShield can protect you from!

The technology in the background

Own mirroring of the root server
On a so-called “WhiteList / AllowList” root name server basis, pre-sorting takes place before a domain is included in our own DNS system. For this evaluation, whether a domain on the Blue Shield Umbrella Platform is recorded and continuously monitored, there are specially developed algorithms, our own crawlers and artificial intelligence based on our own PassiveDNS / IP database, which has been analyzed since 2013 and continuously expanded with worldwide public hybrid sandboxes.

All web code is scanned for defective software and further links are also checked, eg for CDN [AK1], forum links, etc. - this is how we set new standards in the area of ​​ZeroDay prevention.
Realtime Prevention
No results are saved, but the connection and metadata of the target are checked in real time each time it is called up, and algorithms using historical data evaluate whether the current behavior is good or bad.

Should an infrastructure change drastically so that the historical data no longer match the current behavior, the domain will be blocked until an updated profile is created. This process happens automatically in the background.
Code scans by AI in the background
At the same time, code scans run in the background for the domains called up on the basis of the new mathematical algorithm, including the specially developed sandbox, in order to immediately identify, in addition to the connection data, if a code changes maliciously.

This information is continuously used to determine whether the desired domain is still recognized on our clones of the root name server.
Unknown is blocked
Web servers, domains, IPs and authoritative servers that the BSU does not know are initially blocked and automatically checked by the system in the background before they are released.

During this time, our system analyzes and learns about the new goal:
• Connection behavior
• Code evaluation including hidden subdirectories
• Any other traffic
• IP Reputation
• Alternative Nameserver Reputation

PassiveDNS / IP learning is also used
• Which domains / IP's point to the target have already been noticed
• Owner of the domain including its history
• Authoritative Nameserver
Ongoing evaluation & checking of the whitelist / allowlist
Only if all criteria can be assessed positively is a domain included in its own root name server and then additionally checked by real-time prevention and code scans by AI.
Facts & Figures
We are currently blocking all domains from more than 4000 authoritative name servers, and the trend is rising.

More than 200.000 new domains are registered every day - more than 70% of them are classified as dangerous and are therefore not included on our platform.