AI DNS Risk Assessment BETA

Automatic Risk Scoring

When ZoneWatcher detects a DNS record change, it automatically sends the change details to an AI model for security analysis. Each change receives a risk score from 1 to 100, along with a plain-language summary explaining what changed and why it matters. You'll see the result directly on the change comparison page, with no extra steps required.

What the AI Evaluates

The analysis goes beyond simply noting that a record changed. It considers the full context of the modification to determine whether it's expected or suspicious.

Record Type Criticality

Changes to MX, NS, and A/AAAA records on root domains are weighted more heavily than routine subdomain updates.

ASN & Geolocation Shifts

IP address changes are enriched with ASN, organization, and geolocation data to detect unexpected hosting or country changes.

Historical Context

The AI knows which ASNs have been used across your zones before, so it can flag when a completely new network appears.

Attack Pattern Recognition

Patterns like mail server hijacking, nameserver takeovers, and SPF/DKIM record tampering are specifically identified.

Risk Levels at a Glance

Every analyzed change is categorized into a clear risk level so you can prioritize your response.

Low Risk (1–39)

Routine changes such as TTL updates, new subdomains following established patterns, or IP changes within a known hosting provider.

Medium Risk (40–69)

Changes to less critical records, new but potentially legitimate ASNs, or modifications that warrant a second look but aren't immediately alarming.

High Risk (70–100)

Critical record changes to unfamiliar networks, potential mail server hijacking, nameserver modifications, or multiple simultaneous changes that could indicate compromise.

Built into Your Workflow

AI risk scores appear everywhere you view DNS changes — on the change comparison page, in your checks list, and in your zone's check history. There's nothing to configure and no separate dashboard to check. When a change happens and the risk is assessed, it's right there alongside the record details you're already looking at.

Available on Agency & MSP Plans

AI DNS Risk Assessment is included at no extra cost on all Agency and Managed Service Provider plans. If you're managing DNS for clients, this feature gives you an automated second opinion on every change — start your free trial today to see it in action.