Skip to content
Information Technology

Hey threat actors… we see you!

PR Deadlines 3 mins read

A huge cybersecurity threat exists because threat actors are hiding in encryption, one of the very mechanisms created to protect us, warns Jonathan Hatchuel, Country Manager A/NZ, at Gigamon. 

He says that’s why his company has launched a breakthrough cybersecurity technology for the world, specifically designed to eliminate this blind spot.

Today, over 90 percent of all communications are encrypted, including organisations’ internal communications, and threat actors are increasingly hiding their activity under the cover of encryption.

As attackers have grown more sophisticated, they are even employing encryption for their own lateral movement, data siphoning and data exfiltration. Moreover, they are doing this on virtual and cloud workloads, where the security measures are still maturing.

More advanced security organisations have been attempting to address this using decryption. The U.S. National Security Agency (NSA), among others, promotes TLS decryption as necessary for a strong security posture.

Unfortunately, decryption can prove costly, modern TLS 1.3 has made it wicked hard, and it’s an outright nightmare in cloud and containers, where systems and microservices are designed to take advantage of efficient lateral communication.

According to a report by EMA, a staggering 90 percent of organisations expressed concern over the lack of visibility that comes with TLS 1.3.

This problem set is now directly addressed with our new technology  Gigamon Precryption™ , which allows security teams to shine a bright spotlight on encrypted lateral (also known as East-West) traffic across virtual, cloud, and container workloads.

Leveraging Linux eBPF and standard encryption libraries, Precryption technology offers plaintext visibility into all encrypted communications before the payload is encrypted, hence the name Precryption.

With Precryption, no decryption is required — the first of several reasons why this is a breakthrough technology.

Rather than try to break something that wasn’t meant to be broken, we access traffic at the most basic level, then deliver it efficiently and securely to the full security stack for further inspection. We’re leveraging a process that’s already happening, making this an elegant solution and not some unnatural act.

Not only is it elegant, it’s independent. Precryption technology is part of the GigaVUE® Universal Cloud Tap, which runs independently of other applications or containers.

In this way, we’re simultaneously providing an independent, immutable source of truth, while avoiding any operational entanglements around testing and upgrades commonly associated with embedded agents.

Today, a proper solution for plaintext visibility is more important than ever. As organisations modernise their security posture to become perimeter-less or adopt Zero Trust architecture, inspection becomes mandatory for lateral traffic.

This point always gets head nods by those who understand how cybersecurity breaches are perpetrated, and even bigger head nods when considering they need to apply it to modern virtual or cloud workloads. Precryption technology meets them exactly where they are.

The goal is to broaden the scope of an organisation’s security posture, extending it all the way to lateral movement. And to do so efficiently and at scale.

Since no decryption is taking place, this means we don’t have to manage keys, we don’t sniff keys, we don’t expose keys, we don’t need key libraries, and we certainly don’t care about cipher strength.

Also we aren’t having to break and inspect the encrypted channel: nothing gets broken, no proxies, no re-encryption, no retransmissions. But the critical plaintext inspection still happens.

 

Lastly, Precryption technology is an extension of our Deep Observability Pipeline. The plaintext access is just the first step: along with that comes a whole host of filtering, optimisation, transformation and replication capabilities.

Packets get delivered to NDR tools, metadata gets enriched for SIEM tools, and the whole security stack works better because it now knows what’s inside the encrypted traffic versus guessing with other approaches.

Too often organisations get serious about modernising their security posture only after they’ve had a breach. With Gigamon, you can move from reactive breach management to proactive threat detection and can now see where threat actors hide — especially in the cloud.

###

More from this category

  • Information Technology, Insurance
  • 24/06/2024
  • 09:00
Qikio

Qikio partners with Mercurien to expand commercial car insurance offerings?

Qikio, an insurtech dedicated to providing cutting-edge insurance solutions, is excited to announce a strategic underwriting partnership with Mercurien, an Australian company with a…

  • Contains:
  • Information Technology
  • 19/06/2024
  • 16:33
Gigamon

Gigamon Research Reveals Global Security Leaders are Losing Ground in the Race Against Cybercrime as Undetected Breaches Rise By 20 Percent

New research shows 1 in 3 organisations were unable to detect a breach in the last 12 months, with just 25 percent able to respond in real time Gigamon, a leader in deep observability, today published its 2024 Hybrid Cloud Security Survey, revealing that organisations around the world are still unprepared for modern, sophisticated cyberthreats. The annual survey of over 1,000 Security and IT leaders across Australia, France, Germany, Singapore, UK and the USA, shows a decline in detection and response capabilities year-on-year compared to the company’s 2023 Hybrid Cloud Security Report. As hybrid cloud environments grow in complexity and…

  • Information Technology
  • 19/06/2024
  • 10:07
Annature

MyBudget announces transition to Annature for a more efficient and cost-effective eSigning solution

BRISBANE, Australia, June 19, 2024 (GLOBE NEWSWIRE) -- MyBudget, Australia’s most trusted specialist in budgeting, debt solutions and money management, today announced its successful transition to Australian eSigning innovator Annature.This partnership sees MyBudget, which also operates loans solutions service MyBudget Loans and custom home building company MyHomeBuild, using Annature for all formal internal and external client-facing documents across its businesses, at a significantly lower cost than its previous eSigning provider, DocuSign.For more than 25 years, MyBudget’s team of money experts have been helping Australians reduce their debt, create savings and manage their money with confidence, offering detailed budget plans, a…

Media Outreach made fast, easy, simple.

Feature your press release on Medianet's News Hub every time you distribute with Medianet. Pay per release or save with a subscription.