Keeping Network Inspection Visibility in the Age of TLS 1.3

Logo
Presented by

Matt Bromiley, Incident Response Instructor at SANS; John Smith, Principal Engineer at ExtraHop

About this talk

Keeping Network Inspection Visibility in the Age of TLS 1.3: What To Do When The Network Goes Dark Like it or not, TLS 1.3 is coming and will make network traffic opaque to inspection. This discussion will cover lessons learned from real-world, large-scale experience decrypting PFS-encrypted traffic and the various options available, including SSL fingerprinting, proxies and session-key forwarders installed on critical servers. Attendees will be able to formulate a strategy for retaining visibility into encrypted traffic that works for their organization.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (180)
Subscribers (9562)
The prevention and protection model of cybersecurity isn’t working: between the cloud, IoT, and the sheer pace of change, the enterprise is no longer built to be walled in. This channel provides educational webinars to help SecOps (SOC) and NetOps (NOC) teams, from CIOs and CISOs to analysts and practitioners, change their perspective in order to identify, investigate, and respond to threats across the modern attack surface. We explore how cloud-native network detection and response (NDR) provides the complete visibility, real-time threat detection, and intelligent response you need to secure your hybrid environment. You’ll also find product information about ExtraHop Reveal(x) which enables you to: Eliminate blind spots: Cover 100% of your hybrid environment, Detect what matters: Find threats 95% faster, and Act quickly: Respond to breaches 70% faster. Learn more at www.extrahop.com