Skip to main content
banner image
venafi logo

Is Your SSL Traffic Hiding Attacks?

Is Your SSL Traffic Hiding Attacks?

ssl traffic encrypted cyber attack
January 17, 2019 | David Bisson

Encrypted traffic is growing fast and becoming mainstream. According to Gartner, SSL traffic comprises 15-25% of the total web traffic, making it a significant percentage. The use of SSL varies by industry, but often helps to securely transmit sensitive or confidential information.

So what’s the problem? While SSL provides confidentiality and security for an individual session, it can also create a problem for enterprise security. Cybercriminals can use SSL to hide their exploits from an organization’s security devices, like firewalls, Intrusion Prevention System (IPS), Unified Threat Management (UTM), secure web gateways, Data Loss Prevention (DLP), anti-malware solutions, and more. Cybercriminals are well aware of SSL/TLS encryption blind spots and they are using SSL/TLS to hide malicious content, evade detection, and bypass critical security controls.

Are cyber criminals hiding in your encrypted tunnels? Find Out.

The results of a Gartner survey show that, “Less than 20% of organizations with a firewall, an intrusion prevention system (IPS) or a unified threat management (UTM) appliance decrypt inbound or outbound SSL traffic.” Therefore, in over 80% of the organizations that use these security devices, cybercriminals can bypass the organizations’ existing security controls by leveraging SSL tunnels to sneak malware into the corporate network, hide command and control traffic, and exfiltrate data. This is a serious threat.

Gartner predicted that eventually more than 50% of the network attacks targeting enterprises would use SSL encryption. For this majority of organizations that do not decrypt data, most lack the ability to decrypt and inspect encrypted communications to assess these threats. This blind spot undermines traditional layered defenses and increases the risk of information breach and data loss.

Security professionals know that visibility into and control over SSL traffic is a necessity. And just as importantly, failing to find, use, and secure ALL keys and certificates for decryption undermines existing critical security controls. These tasks are critical:

  • Have access to keys and certificates that can decrypt inbound traffic
  • Secure the volumes of keys and certificates necessary to enable inspection

Failing to decrypt traffic and maximize decryption with ALL keys and certificates means that network attacks may be able to bypass your existing security investments

Having automatic, secure access to all enterprise keys and certificates maximizes the amount of decrypted traffic, enables inspection of SSL traffic, and eliminates blind spots that are otherwise hidden in encrypted traffic. So when it comes down to it, every extra key and certificate available for decryption means one less place for nefarious actors to hide threats in SSL encrypted sessions.

Blue Coat and Venafi have partnered to help organizations uncover blind spots from malicious SSL/TLS threats that are obscured by encrypted traffic. The Blue Coat SSL Visibility Appliance and Venafi TrustForce integration maximizes the amount of traffic that can be decrypted and inspected to eliminate blind spots. Venafi TrustForce delivers keys and certificates to Blue Coat SSL Visibility Appliances securely and efficiently, thereby eliminating manual maintenance and reducing administrator burden.

Learn more about machine identity managment. Explore now.

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

David Bisson
David Bisson

David is a Contributing Editor at IBM Security Intelligence.David Bisson is a security journalist who works as Contributing Editor for IBM's Security Intelligence, Associate Editor for Tripwire and Contributing Writer for Gemalto, Venafi, Zix, Bora Design and others.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more