Businesses are increasing their use of SSL/TLS. This is being driven by the growth of cyberattacks as well as concerns and regulations over data privacy. Also, Google is prioritizing search results for sites using HTTPS, driving marketing teams across all types of businesses to support the expansion of encryption. While this increase in SSL/TLS provides privacy and authentication, it also creates a blind spot for enterprise security.
Gartner predicts 50% of network attacks will use SSL/TLS by 2017. Most organizations lack the ability to decrypt and inspect SSL traffic, which I highlighted in my earlier blog, Is Your SSL Traffic Hiding Attacks? This means your NGFW and threat detection won’t be able to see or protect against 50% of attacks. That’s a huge blind spot for enterprise security—and cybercriminals are taking advantage of this.
How does using SSL/TLS benefit the bad guys? Cybercriminals are using encryption against enterprises to conceal malware delivery, eavesdrop on communications, and exfiltrate data undetected—undermining layered security defenses. With the increase in SSL/TLS encryption, the ability to ensure every key and certificate is available for decryption, and then decrypt and inspect SSL/TLS traffic in real time, has become critical.
What do you need to do to eliminate this security blind spot? During the RSA Conference 2015, we’re spotlighting our partnership with Blue Coat. Together our solutions maximize decryption and uncover threats.
Here’s how the solutions work together in a nutshell:
Venafi TrustForce automates key and certificate provisioning and replacement
Blue Coat SSL Visibility Appliance uses the keys and certificates for policy-enforced SSL traffic inspection
Venafi TrustForce ensures keys and certificates have strong authentication, are rotated regularly, and are replaced quickly in the event of a compromise
Having access to all keys and certificates for decryption means one less place for the bad guys to hide, infiltrate your network, and steal data. . With Venafi, businesses maximize the amount of inbound encrypted traffic that can be decrypted and inspected by Blue Coat SSL Visibility Appliance and eliminate blind spots that are hiding in encrypted traffic.