Networks are becoming increasingly encrypted, and the need for more visibility creates a significant challenge for security teams. Threat actors routinely use encryption to help hide data exfiltration and control with victim networks, making it extremely difficult for security teams to detect and prevent potential security threats.
One of the biggest challenges facing organisations today is understanding their encryption landscape to expose risks and vulnerabilities. Without understanding the encryption used within their networks, businesses may be more vulnerable to cyber-attacks, resulting in financial loss, reputational damage, regulatory violation and associated fines.
“ETA is now essential to a CISO’s strategy to understand encrypted networkcommunications.”
The accepted approach for many years has been the staticanalysisofcertificatesonaservertoprovidea single view: verify the certificate’s digital signature, check the certificate’s expiration date, and validate that a trusted certificate authority issued the certificate. However, this needs to be revised in a world where most communications are now encrypted.
ETA involves analysing the traffic between endpoints in real-time to understand the negotiated encryption and any potential risks or vulnerabilities to maintain privacy and compliance. This provides the necessary information and clarity around the encryption actively negotiated for each session, allowing security teams to understand the encrypted communications.