Hi [[ session.user.profile.firstName ]]

Threat Detection in TLS: The Good, the Bad, and the Ugly

While TLS (formerly known as SSL) has become the de facto way of encrypting data in motion on networks, it can also hide threats from your InfoSec team. As the volume of encrypted traffic continues to grow, organizations become even more vulnerable to encrypted attacks, hidden command and control threats and data exfiltration exploits that go undetected.

To make this situation even more complex, the TLS 1.3 draft 28 proposal, ratified at the IETF 101 conference in London and now moving toward official RFC status, has actually removed the visibility which was widely deployed for threat identification in TLS 1.2.

Once again, InfoSec teams find themselves at the fulcrum of a delicate balancing act. On one hand, encryption is moving toward ubiquity but on the other, we need to detect when threat actors use it too. And in detecting that misuse, we need to acknowledge and address critical management, troubleshooting, legal, regulatory, ethical and technical concerns. For example, we can’t decrypt just at the edge of our networks if we believe “perimeter security is dead.” Proxies on the network edge are a step backwards.

What can you do? “Threat Detection in TLS: The Good, the Bad and the Ugly” will discuss the necessity of deploying TLS decryption in the core of networks and will explore innovative architectures that deliver that capability while maintaining availability and reliability.

Learn how organizations can manage growing SSL/TLS traffic volumes by creating a centralized “decryption zone” to decrypt traffic once and give security tools newfound visibility into formerly encrypted traffic and threats.
Recorded Dec 11 2018 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Ian Farquhar, Distinguished Sales Engineer, Gigamon
Presentation preview: Threat Detection in TLS: The Good, the Bad, and the Ugly
  • Channel
  • Channel profile
  • Application Awareness for Network Visibility Recorded: Feb 18 2020 35 mins
    Andy Hutchinson, Sales Engineer, Gigamon
    Let’s face it: in the 21st century whatever network buzzwords we have in our I.T. enterprise are really focused on application delivery. How does the network enable the business, and more specifically the applications that the business needs to run. So why focus network visibility exclusively on packets, when it is the applications that are important to our users and our customers?

    With Gigamon Application Intelligence, you can visualize the applications running across your network and make decisions for your environment based on applications, not just packets. Register for this webinar to learn how, within your existing infrastructure you can:

    · Achieve full visibility to applications on your network and the resources they consume
    · Filter out low-risk traffic, for improved detection performance
    · Understand how application metadata can benefit network security and performance measurements
  • Do You Really Know What's Running On Your Network? Recorded: Feb 7 2020 25 mins
    Martyn Crew – Director, Industry Solutions, Gigamon
    Everyone thinks they know what applications and data are on their network, but is that really the case?

    Join us for an information-packed webinar devoted to network and application visibility. For network architects and SecOps alike, you’ll learn invaluable information from Gigamon expert, Martyn Crew.

    What you'll learn:
    - How to identify and visualize what’s on your network
    - Beyond seeing what’s on your network, understand what it’s doing
    - How to use this knowledge to deliver optimal network availability, performance and user satisfaction

    Be sure to join and win in the visibility game. You’ll hear how to save time, increase overall tool efficiency and maximize your infrastructure investment.

    See how Gigamon delivers network visibility and analytics for digital apps and services enabling your organization to run fast, stay secure and innovate.
  • SANS 2020 Cybersecurity Spending Survey – Panel Discussion Recorded: Feb 4 2020 57 mins
    Gordon Beith – Senior Director, Product Marketing, Gigamon
    This webcast more closely examines the results of the SANS 2020 Cybersecurity Spending Survey. A panel of sponsor representatives, led by survey author Barbara Filkins and survey advisor John Pescatore, will explore themes that emerged during the survey.

    Hear Barbara Filkins and John Pescatore give an analysis of survey results and reveal strategies that organizations can use to justify security spending.


    Gordon Beith is responsible for overseeing product marketing activities for service providers at Gigamon. His extensive career includes over 30 years of work in telecommunications product management, marketing, hardware and software development, and related next-generation services areas. Gordon also co-authored the book on IMS testing and monitoring, entitled “Ensuring a Quality IMS Experience,” published in 2007, and has one patent to his name.

    As vice president and chief evangelist, Bob Gilbert is in charge of go-to-market strategy at Netskope, a market-leading cloud security company. He has held leadership roles in product management and marketing at various technology companies, including Riverbed, where he was a member of the pioneering product team that launched Riverbed from a small start-up to a market leader. Bob was first introduced to the world of cybersecurity as a teenager in the 1980s when he hosted a BBS and had to develop his own terminal software to prevent hackers from infiltrating the site that he hosted from his parent’s home.

    John Smith is a principal engineer at ExtraHop. John has over two decades of experience as a senior architect in IT organizations, and is a regular speaker at technology events including BriForum, RSAC and Citrix Synergy, among others.
  • Modernizing and Securing Financial Services Technology Environments EcoCast Recorded: Feb 3 2020 33 mins
    Martyn Crew – Director, Industry Solutions, Gigamon
    Financial services firms have unique needs that other industries don't face. Strict security policies, strong compliance requirements, and extensive and data retention demands are a few examples.

    Top those needs off with complex, distributed, and dynamic applications and most IT professionals who work in the financial industry are in dire need of more efficient, secure, and intelligent solutions than their peers in other industries. But where do you turn to find such solutions? Martyn Crew, Gigamon’s Director, Industry Solutions, has the answer.

    Watch the EcoCast to learn about the unique IT challenges in the financial services industry and discover an innovative solution to solve your greatest IT challenges.
  • Do You Really Know What's Running on Your Network? Recorded: Dec 2 2019 59 mins
    Martyn Crew, Director, Product Marketing Management, Gigamon and Dave Davis, ActualTech Media
    Everyone thinks they know what applications and data are on their network, but is that really the case?

    Join us for an information-packed webinar devoted to network and application visibility. For network architects and SecOps alike, you’ll learn invaluable information from our industry-leading Gigamon expert:

    - How to identify and visualize what’s on your network
    - Beyond seeing what’s on your network, understand what it’s doing
    - How to use this knowledge to deliver optimal network availability, performance and user

    Be sure to join and win in the visibility game. You’ll hear how to save time, increase overall tool efficiency and maximize your infrastructure investment.

    See how Gigamon delivers network visibility and analytics for digital apps and services enabling your organization to run fast, stay secure and innovate.
  • Dynamic Network Security Strategies Recorded: Nov 21 2019 40 mins
    Ricardo Font, Product Marketing Manager, Gigamon ThreatINSIGHT
    The need for dynamic network security has never been greater; however, the inability to pinpoint what is real within a myriad of alerts, coupled to the lack of resources required to continually defend against today's onslaught of attacks, degrades overall security and places organizations at risk.

    In this webinar, we will discuss strategies pertaining to the implementation of dynamic network security, specifically:
    - The Approach: Strategies used by leading organizations
    - Detection and Response: Analytics, visibility and key needs
    - Closing the loop: Measuring success

    Attend this webinar and you will be able to identify:
    - What is needed for implementing scalable dynamic network security
    - NDR, EDR and Logging: the best practices for each
    - How to measure improvements: MTTD and MTTR metrics
  • Encrypted Things - Network Detection and Response in an Encrypted World Recorded: Nov 13 2019 43 mins
    Justin Kohler, Sr Director, Customer Success and Sales Engineering, Gigamon Insight
    There has been tremendous growth in the percentage of network traffic that is encrypted over the last decade. With this comes many challenges for incident responders. Decrypting the traffic is often hard, if not impossible. The rise in encrypted traffic has undoubtedly increased privacy for users but we know that threat actors take advantage of it as well. As network defenders our visibility is impacted, and traditional network monitoring detection will not always work.

    In this talk we will discuss the problem of encrypted traffic as it pertains to network detection and response, educate you on new developments in SSL/TLS, and demonstrate how you can still hunt for and detect badness in encrypted traffic. This talk will be relevant to junior analysts all the way up to senior analysts at mature SOCs.
  • Unleash the Power of True Application Visibility Recorded: Oct 3 2019 52 mins
    John Gudmundson – Senior Product Marketing Manager, Gigamon
    You know that metadata helps you separate signal from noise, reduce time-to-threat-detection and improve overall security efficacy. But did you know that application metadata helps you monitor user experience, troubleshoot problematic apps, understand “Shadow IT” usage and improve security posture within your organization?

    Join Gigamon as we discuss the growing need for application-aware network operations and how Gigamon Application Metadata Intelligence provides the deep application visibility needed to rapidly pinpoint performance bottlenecks and potential network security risks. You’ll see how next-gen network packet brokers enhance metadata with intelligence and insights from traffic flows so you’ll discover how to understand the performance and have control of hundreds of critical apps.
  • Strategic Solutions for Effective Network Security in the Cloud Recorded: Sep 26 2019 50 mins
    Rob Ayoub FireEye, Baseer Balazadeh Gigamon, Tom Adamski AWS
    Everyone must work together to protect the cloud. While cloud providers focus on protecting their services and infrastructure, you must ensure that data flowing into the cloud doesn’t leave an opening for attackers.

    Join us on September 26 at 10 a.m. PT/1 p.m. ET, as experts from FireEye, Gigamon and AWS present a webinar on how to:

    •Deploy a security infrastructure that helps you minimize risk by accurately detecting and quickly stopping advanced, targeted and other evasive attacks

    •Achieve greater cloud network visibility by ingesting and capturing traffic data from your cloud infrastructure

    •Apply intelligence to get actionable insights and speed detection and response

    •Fully integrate network forensics to accelerate alert investigation and breach mitigation
  • Incident Response: Make the First 24 Hours Count Recorded: Sep 24 2019 54 mins
    Ricardo Font, Product Marketing Manager, Gigamon Insight & Joe Goldberg, Cloud Practice Manager, CCSI
    Incident response teams are often hampered by an inability to see what is happening on their network, rendering them unable to confidently detect threats or respond quickly and effectively.
    So how can the top law firms accelerate threat detection and response? Join Ricardo Font, Product Marketing Manager for Gigamon Insight, and Matt Pascucci, Cybersecurity Practice Manager for CCSI, as we dive into metadata’s critical role in incident detection and response strategies. Attendees will learn:
    •What the key incident response needs are and how to meet them
    •How to dig deeper into key indicators of compromise using packet captures (PCAP)
    •How metadata can focus incident response efforts through data correlation and enrichment
    Find out how packets can either help or hinder response, all depending on how you use them – register today!
  • Getting to Yes: How to Justify your Network Packet Broker Purchase Recorded: Aug 21 2019 57 mins
    Zeus Kerravala, Principal Analyst at ZK Research & Gordon Beith, Sr. Product Marketing Director, Gigamon
    “Is it worth it?” is a question you must overcome when purchasing new equipment. Fortunately, when it comes to next-generation network packet brokers (NG-NPBs), getting to Yes is easier than you think.

    The latest data from ZK Research shows that next-generation NPBs have grown from simply a nice-to-have to a must-have technology, making it easy to green light your purchase:

    •Winning organizations deploy next-generation NPBs for a faster, more agile infrastructure with fewer disruptions during updates
    •Enables faster transition to hybrid, multi-cloud model without ever losing out on management and security
    •Eliminates blind spots, so fewer security tools are needed

    Arm yourself with the right information to justify your next-generation NPB purchase before you fall into the widening gap between winners and losers. You – and your infrastructure – deserve it.
  • Increase Network Resilience and Optimize Uptime with Inline Bypass Recorded: Aug 20 2019 37 mins
    John Lehane Senior Product Marketing Manager, Gigamon, Haider Jarral Technical Marketing Engineer, Gigamon
    Not again! Don’t be the one to deal with another outage, bottleneck or malfunction. You’re NetOps. Turn inline single points of failure into traffic continuity so you can drive your digital transformation without delays.

    The Paradox
    To drive digital transformation, you need a highly agile, resilient network infrastructure. Yet paradoxically, failing inline tools can end up disrupting the very applications they’re meant to protect. Maintaining maximum performance and the ability to add new tools is critical.

    The Fuel You Need
    Join Gigamon experts to learn how Gigamon’s Visibility Fabric™ with Inline Bypass gives you the fuel injection you need for bypass protection. Find out how to improve daily operations by:

    • Enhancing infrastructure resiliency and availability
    • Reducing operating and monitoring costs
    • Improving efficiencies and cooperation between IT teams
    • Step-by-step GUI configuration examples

    • Get a live demonstration of how Gigamon can enhance the day-to-day operations for NetOps teams to remove the single point of network failure.
  • Why Should I Care About SSL/TLS Decryption? Recorded: Jul 26 2019 52 mins
    Druce McFarlane, Director of Product Management, Security, Gigamon
    We’ve arrived at the second anniversary of the Equifax breach and we now know much more about what happened due to the August 2018 release of the GAO Report. New information came out of that report that was not well-understood at the time of the breach. For example, did you know that while Equifax used a tool for network layer decryption, they had certificates nine months out of date? This lapse gave the threat actors all the time they needed to break in and exfiltrate reams of personal data. As soon as Equifax updated the certs on their decryption tools, they began to realize what happened.
    On the heels of the Equifax breach, we are reminded of the importance of efficient decryption for effective threat detection. That’s more important than ever today; Ponemon Institute reports that 50% of all malware attacks utilize encryption.
    During this webinar, we’ll talk about:
    -How TLS/SSL encryption has become a threat vector
    -Why decryption is essential to security and how to effectively perform detection
    -How to make sure your detection tools are working at their greatest capacity without the latency introduced by decryption
  • Get the Most Out of App-Aware Network Visibility Recorded: Jul 18 2019 59 mins
    Shamus McGillicuddy, Research Director, EMA & Bassam Khan, VP Product & Technical Marketing Engineer, Gigamon
    Got apps? Most companies run hundreds. Application experience can make or break a digital enterprise. That’s why true application-level visibility is a must-have in today’s network operations. While achieving it with legacy solutions is difficult, the benefits of becoming app-aware are more than worth it.

    What the heck is application-aware networking? It’s a cool new way to boost network performance and get the most out of your tools. You can now instantly see all applications running in your network, and manage traffic flow not by packets, but by applications.

    Join EMA Research Director, Shamus McGillicuddy, and Gigamon VP, Product and Technical Marketing, Bassam Khan, for this interactive webinar where they will discuss key topics including:

    •Protect your operations from oversubscription
    •Interrogate and identify unknown apps
    •Protect critical applications from bandwidth hogs

    Best of all, you’ll see a live demo of how Gigamon, an application-aware network packet broker, delivers true application visibility to your organization.

    Register now to see it in action!
  • Don't Let Digital Transformation Wreak Havoc on Your Users! Recorded: Jul 9 2019 59 mins
    Sam Kumarsamy, Sr. Product Marketing Manager, Gigamon
    Yes, digital apps are hyper-agile, but they’re also incredibly complex making it difficult to get visibility into traffic. But without that visibility, how can you truly ensure a great experience?

    Help is at hand. During this webinar, you’ll learn how to build an efficient network architecture to provide an engaging digital experience by:
    •Using tools efficiently by optimizing traffic and preventing packet duplication
    •Enhancing security by collecting and distributing NetFlow metadata to tools
    •Identifying, categorizing and visualizing more than 3,000 applications automatically

    See how pioneering technology Gigamon Application Intelligence helps increase visibility, improve security and, ultimately, exceed user expectations.
  • IT Modernization in the Public Sector: Troubleshoot Network Performance Issues Recorded: Jun 26 2019 39 mins
    John Lehane, Sr. Product Marketing Manager, Gigamon, and Bill Coon, Technical Director, Riverbed
    Join experts from Gigamon and Riverbed as we discuss how Application Intelligence can open up the network “black box” and show you exactly what’s running inside. Find out why the evolution of Network Performance Monitoring (NPM) demands a more integrated approach to Digital Experience Monitoring, and how you can achieve that by leveraging the perspectives of end users and their applications to extend the value of network visibility.
    Attendees will learn how to:
    • Get pervasive visibility of network traffic across geographically dispersed locations
    • Ensure only the right people have access to the network and data center, as well as guarantee optimal performance and availability
    • Receive near real-time actionable alerts based on Government Furnished Information, allowing for mitigation and remediation of incidents that could have gone unnoticed
    • Address issues quickly so that Department of Homeland Security requirements can be met
  • Best Practices for Healthcare Digital Transformation Recorded: Jun 18 2019 43 mins
    John Lehane, Product Marketing & Danny Akacki, Technical Manager, Gigamon; Lyle Kelly, Sr. Systems Engineer, Forescout
    Are you ready for digital transformation? Transformation begins with visibility – looking inside the network “black box” and understanding exactly what’s running. But we know that can be easier said than done, especially in the healthcare industry where privacy, security and compliance are paramount.

    Join our webinar to hear experts from Gigamon and Forescout delve into the network and security challenges they’ve observed in healthcare. Participants will learn how to surmount the challenges in:

    •Achieving visibility of digital app usage across distributed, dynamic environments
    •Ensuring the most relevant application traffic is delivered to the right security tool
    •Pinpointing lateral movement of malware and shadow IT for faster time to detection and remediation
    •Monitoring, tracking and securing Internet of Medical Things (IoMT) devices
    •Integrating new sites and locations into your network
  • Fuel Visibility and Automation in Today’s Hybrid Cloud Environments Recorded: Jun 5 2019 47 mins
    Brandon Butler, Sr. Research Analyst, IDC & Baseer Balazadeh, Sr. Technical Marketing Engineer - Cloud, Gigamon
    Today’s networks are changing with the rise of third-party platforms, including cloud, mobile, social, big data and IoT, causing organizations to implement new tools. What are you doing to keep up with the adoption of modern networks and the challenges they pose from an operational perspective?

    Join our webinar to hear the experts from IDC and Gigamon discuss how to:
    • Extract relevant data across multiple domains to provide insights all the way to the application layer through visibility and monitoring platforms
    • Gain centralized control, faster access to new features and functionality and rapid, dynamic scaling with cloud-based network management systems
    • Improve automated management platforms by integrating insights and analysis from multiple tools
    • Fuel pervasive visibility -- including TLS decryption -- and efficient and secure use of emerging technologies and faster network speeds

    Join us as we address the importance of high-fidelity visibility and monitoring as critical enablers for automation and security. We’ll also look at how the rise of advanced management platforms that integrate visibility, automation and assurance will create intent-based networks.
  • Gain Control of Complex Applications Central to Your Digital Transformation Recorded: May 29 2019 54 mins
    John Gudmundson, Sr. Product Marketing Manager Gigamon
    Today’s applications — complex, sprawling, multi-tiered, opaque — determine the success or failure of digital transformations. Isn’t it time you took control?

    Join us to learn about Application Intelligence, a pioneering set of capabilities for getting the visibility and the context needed to discover, manage and secure your sophisticated applications.

    During this live demonstration, you’ll see how Application Intelligence helps you:
    • Identify and extract traffic from over 3,000 applications
    • Detect and manage shadow IT and rogue apps
    • Separate unnecessary application traffic to greatly improve tool efficiency

    We’ll also preview its application metadata capabilities for help in solving a number of critical concerns such as troubleshooting subpar performance.

    Register now to see it in action >
  • Driving Digital Transformation with Application Intelligence Recorded: May 1 2019 20 mins
    John LeHane, Product Marketing Gigamon
    Accelerate Your Organization’s Digital Transformation

    Is explosive data growth and network complexity hindering your ability to deliver results? You’re not alone: a lack of application visibility makes it difficult to pinpoint and resolve performance issues.

    Join us for our 20 minute interactive webcast to see how application-aware network visibility can accelerate your organization’s digital transformation.

    You will learn:

    • How to simplify network monitoring with granular insight into application traffic
    • How to detect, manage and isolate shadow IT, non-business apps and others
    • Why filtering unnecessary traffic is critical to improving tool efficiency

    Discover how application-aware network visibility can improve the performance of both your network and its tools.
Visibility into physical, virtual, and cloud environments
Gigamon provides active visibility into physical and virtual network traffic, enabling stronger security and superior performance. Gigamon’s Visibility Fabric and GigaSECURE, the industry’s first Security Delivery Platform, deliver advanced intelligence so that security, network and application performance management solutions in enterprise, government and service provider networks operate more efficiently and effectively.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Threat Detection in TLS: The Good, the Bad, and the Ugly
  • Live at: Dec 11 2018 6:00 pm
  • Presented by: Ian Farquhar, Distinguished Sales Engineer, Gigamon
  • From:
Your email has been sent.
or close