Original upload date: Thu, 08 Oct 2020 00:00:00 GMT
Archive date: Wed, 08 Dec 2021 03:23:47 GMT
Most network traffic today is encrypted, and organizations are increasingly hesitant to decrypt it due to the policy, privacy and technology challenges involved. Some so-called security vendors would have you believe it is time to throw in the towel: “if you don’t have unencrypted traffic, you can’t have security”, they say. This narrative plays into the hands of the very adversaries we seek to thwart. It is no surprise that over 70% of malicious traffic is now encrypted. So, what is the security operations team to do?
In the first part of this series, we showcase the breadth of encrypted traffic analysis techniques available. We discuss why encryption breaks simplistic detection methodologies that rely on basic pattern matching. We then demonstrate the path forward through case studies of detection and hunting that combine encrypted traffic analysis with threat intelligence, machine learning, heuristic chaining and other advanced techniques. In fact, rather than being an obstacle, we find that about half of the threats we uncover are detected precisely because of their use of encryption.
Don’t miss this online learning session to understand:
- How encryption provides defenders with insights into the attacker’s tools and tactics
- Why the simplistic solution of decryption is inadequate against today’s attacks
- The state of the art for encrypted traffic analysis and guidance on enhancing current detection and response methodologies
Speaker: Gary Golomb, Chief Scientist & Co-Founder