Orchestrating SSL VisibilityKevin Stewart of F5 Networks on How to Orchestrate a New Defense
The good news for security leaders: Because of SSL/TLS, nearly every bit of web data in transit is now encrypted. The bad news: Threat actors are now masking their attacks inside of encrypted traffic. Kevin Stewart of F5 Networks explains why network visibility is not enough to detect these attacks.
Stewart, a security solutions architect, explains the new dynamic from the attacker's perspective:
"If I'm a malware author and I needed to bypass any of those ever-advancing security controls to infect some target, wouldn't it just make sense for me to do infiltration via TLS, where I'm less likely to be discovered?" Stewart says. "[Within encrypted traffic] is where the malware is going to go because it's where it is least likely to be discovered."
In an interview about SSL visibility, Stewart discusses:
- The new wave of disguised attacks;
- Why visibility is insufficient security;
- How orchestration offers new defensive options.
Kevin Stewart is a security solutions architect at F5 Networks.