Hi [[ session.user.profile.firstName ]]

Threat Detection in TLS: The Good, the Bad, and the Ugly

While TLS (formerly known as SSL) has become the de facto way of encrypting data in motion on networks, it can also hide threats from your InfoSec team. As the volume of encrypted traffic continues to grow, organizations become even more vulnerable to encrypted attacks, hidden command and control threats and data exfiltration exploits that go undetected.

To make this situation even more complex, the TLS 1.3 draft 28 proposal, ratified at the IETF 101 conference in London and now moving toward official RFC status, has actually removed the visibility which was widely deployed for threat identification in TLS 1.2.

Once again, InfoSec teams find themselves at the fulcrum of a delicate balancing act. On one hand, encryption is moving toward ubiquity but on the other, we need to detect when threat actors use it too. And in detecting that misuse, we need to acknowledge and address critical management, troubleshooting, legal, regulatory, ethical and technical concerns. For example, we can’t decrypt just at the edge of our networks if we believe “perimeter security is dead.” Proxies on the network edge are a step backwards.

What can you do? “Threat Detection in TLS: The Good, the Bad and the Ugly” will discuss the necessity of deploying TLS decryption in the core of networks and will explore innovative architectures that deliver that capability while maintaining availability and reliability.

Learn how organizations can manage growing SSL/TLS traffic volumes by creating a centralized “decryption zone” to decrypt traffic once and give security tools newfound visibility into formerly encrypted traffic and threats.
Recorded Dec 11 2018 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Ian Farquhar, Distinguished Sales Engineer, Gigamon
Presentation preview: Threat Detection in TLS: The Good, the Bad, and the Ugly
  • Channel
  • Channel profile
  • Strategic Solutions for Effective Network Security in the Cloud Sep 26 2019 5:00 pm UTC 75 mins
    Rob Ayoub FireEye, Baseer Balazadeh Gigamon, Tom Adamski AWS
    Everyone must work together to protect the cloud. While cloud providers focus on protecting their services and infrastructure, you must ensure that data flowing into the cloud doesn’t leave an opening for attackers.

    Join us on September 26 at 10 a.m. PT/1 p.m. ET, as experts from FireEye, Gigamon and AWS present a webinar on how to:

    •Deploy a security infrastructure that helps you minimize risk by accurately detecting and quickly stopping advanced, targeted and other evasive attacks

    •Achieve greater cloud network visibility by ingesting and capturing traffic data from your cloud infrastructure

    •Apply intelligence to get actionable insights and speed detection and response

    •Fully integrate network forensics to accelerate alert investigation and breach mitigation
  • Incident Response: Make the First 24 Hours Count Sep 24 2019 4:00 pm UTC 60 mins
    Ricardo Font, Product Marketing Manager, Gigamon Insight & Matt Pascucci, Cybersecurity Practice Manager, CCSI
    Incident response teams are often hampered by an inability to see what is happening on their network, rendering them unable to confidently detect threats or respond quickly and effectively.
    So how can the top law firms accelerate threat detection and response? Join Ricardo Font, Product Marketing Manager for Gigamon Insight, and Matt Pascucci, Cybersecurity Practice Manager for CCSI, as we dive into metadata’s critical role in incident detection and response strategies. Attendees will learn:
    •What the key incident response needs are and how to meet them
    •How to dig deeper into key indicators of compromise using packet captures (PCAP)
    •How metadata can focus incident response efforts through data correlation and enrichment
    Find out how packets can either help or hinder response, all depending on how you use them – register today!
  • Getting to Yes: How to Justify your Network Packet Broker Purchase Recorded: Aug 21 2019 57 mins
    Zeus Kerravala, Principal Analyst at ZK Research & Gordon Beith, Sr. Product Marketing Director, Gigamon
    “Is it worth it?” is a question you must overcome when purchasing new equipment. Fortunately, when it comes to next-generation network packet brokers (NG-NPBs), getting to Yes is easier than you think.

    The latest data from ZK Research shows that next-generation NPBs have grown from simply a nice-to-have to a must-have technology, making it easy to green light your purchase:

    •Winning organizations deploy next-generation NPBs for a faster, more agile infrastructure with fewer disruptions during updates
    •Enables faster transition to hybrid, multi-cloud model without ever losing out on management and security
    •Eliminates blind spots, so fewer security tools are needed

    Arm yourself with the right information to justify your next-generation NPB purchase before you fall into the widening gap between winners and losers. You – and your infrastructure – deserve it.
  • Increase Network Resilience and Optimize Uptime with Inline Bypass Recorded: Aug 20 2019 37 mins
    John Lehane Senior Product Marketing Manager, Gigamon, Haider Jarral Technical Marketing Engineer, Gigamon
    Not again! Don’t be the one to deal with another outage, bottleneck or malfunction. You’re NetOps. Turn inline single points of failure into traffic continuity so you can drive your digital transformation without delays.

    The Paradox
    To drive digital transformation, you need a highly agile, resilient network infrastructure. Yet paradoxically, failing inline tools can end up disrupting the very applications they’re meant to protect. Maintaining maximum performance and the ability to add new tools is critical.

    The Fuel You Need
    Join Gigamon experts to learn how Gigamon’s Visibility Fabric™ with Inline Bypass gives you the fuel injection you need for bypass protection. Find out how to improve daily operations by:

    • Enhancing infrastructure resiliency and availability
    • Reducing operating and monitoring costs
    • Improving efficiencies and cooperation between IT teams
    • Step-by-step GUI configuration examples

    • Get a live demonstration of how Gigamon can enhance the day-to-day operations for NetOps teams to remove the single point of network failure.
  • Why Should I Care About SSL/TLS Decryption? Recorded: Jul 26 2019 52 mins
    Druce McFarlane, Director of Product Management, Security, Gigamon
    We’ve arrived at the second anniversary of the Equifax breach and we now know much more about what happened due to the August 2018 release of the GAO Report. New information came out of that report that was not well-understood at the time of the breach. For example, did you know that while Equifax used a tool for network layer decryption, they had certificates nine months out of date? This lapse gave the threat actors all the time they needed to break in and exfiltrate reams of personal data. As soon as Equifax updated the certs on their decryption tools, they began to realize what happened.
    On the heels of the Equifax breach, we are reminded of the importance of efficient decryption for effective threat detection. That’s more important than ever today; Ponemon Institute reports that 50% of all malware attacks utilize encryption.
    During this webinar, we’ll talk about:
    -How TLS/SSL encryption has become a threat vector
    -Why decryption is essential to security and how to effectively perform detection
    -How to make sure your detection tools are working at their greatest capacity without the latency introduced by decryption
  • Get the Most Out of App-Aware Network Visibility Recorded: Jul 18 2019 59 mins
    Shamus McGillicuddy, Research Director, EMA & Bassam Khan, VP Product & Technical Marketing Engineer, Gigamon
    Got apps? Most companies run hundreds. Application experience can make or break a digital enterprise. That’s why true application-level visibility is a must-have in today’s network operations. While achieving it with legacy solutions is difficult, the benefits of becoming app-aware are more than worth it.

    What the heck is application-aware networking? It’s a cool new way to boost network performance and get the most out of your tools. You can now instantly see all applications running in your network, and manage traffic flow not by packets, but by applications.

    Join EMA Research Director, Shamus McGillicuddy, and Gigamon VP, Product and Technical Marketing, Bassam Khan, for this interactive webinar where they will discuss key topics including:

    •Protect your operations from oversubscription
    •Interrogate and identify unknown apps
    •Protect critical applications from bandwidth hogs

    Best of all, you’ll see a live demo of how Gigamon, an application-aware network packet broker, delivers true application visibility to your organization.

    Register now to see it in action!
  • Don't Let Digital Transformation Wreak Havoc on Your Users! Recorded: Jul 9 2019 59 mins
    Sam Kumarsamy, Sr. Product Marketing Manager, Gigamon
    Yes, digital apps are hyper-agile, but they’re also incredibly complex making it difficult to get visibility into traffic. But without that visibility, how can you truly ensure a great experience?

    Help is at hand. During this webinar, you’ll learn how to build an efficient network architecture to provide an engaging digital experience by:
    •Using tools efficiently by optimizing traffic and preventing packet duplication
    •Enhancing security by collecting and distributing NetFlow metadata to tools
    •Identifying, categorizing and visualizing more than 3,000 applications automatically

    See how pioneering technology Gigamon Application Intelligence helps increase visibility, improve security and, ultimately, exceed user expectations.
  • IT Modernization in the Public Sector: Troubleshoot Network Performance Issues Recorded: Jun 26 2019 39 mins
    John Lehane, Sr. Product Marketing Manager, Gigamon, and Bill Coon, Technical Director, Riverbed
    Join experts from Gigamon and Riverbed as we discuss how Application Intelligence can open up the network “black box” and show you exactly what’s running inside. Find out why the evolution of Network Performance Monitoring (NPM) demands a more integrated approach to Digital Experience Monitoring, and how you can achieve that by leveraging the perspectives of end users and their applications to extend the value of network visibility.
    Attendees will learn how to:
    • Get pervasive visibility of network traffic across geographically dispersed locations
    • Ensure only the right people have access to the network and data center, as well as guarantee optimal performance and availability
    • Receive near real-time actionable alerts based on Government Furnished Information, allowing for mitigation and remediation of incidents that could have gone unnoticed
    • Address issues quickly so that Department of Homeland Security requirements can be met
  • Best Practices for Healthcare Digital Transformation Recorded: Jun 18 2019 43 mins
    John Lehane, Product Marketing & Danny Akacki, Technical Manager, Gigamon; Lyle Kelly, Sr. Systems Engineer, Forescout
    Are you ready for digital transformation? Transformation begins with visibility – looking inside the network “black box” and understanding exactly what’s running. But we know that can be easier said than done, especially in the healthcare industry where privacy, security and compliance are paramount.

    Join our webinar to hear experts from Gigamon and Forescout delve into the network and security challenges they’ve observed in healthcare. Participants will learn how to surmount the challenges in:

    •Achieving visibility of digital app usage across distributed, dynamic environments
    •Ensuring the most relevant application traffic is delivered to the right security tool
    •Pinpointing lateral movement of malware and shadow IT for faster time to detection and remediation
    •Monitoring, tracking and securing Internet of Medical Things (IoMT) devices
    •Integrating new sites and locations into your network
  • Fuel Visibility and Automation in Today’s Hybrid Cloud Environments Recorded: Jun 5 2019 47 mins
    Brandon Butler, Sr. Research Analyst, IDC & Baseer Balazadeh, Sr. Technical Marketing Engineer - Cloud, Gigamon
    Today’s networks are changing with the rise of third-party platforms, including cloud, mobile, social, big data and IoT, causing organizations to implement new tools. What are you doing to keep up with the adoption of modern networks and the challenges they pose from an operational perspective?

    Join our webinar to hear the experts from IDC and Gigamon discuss how to:
    • Extract relevant data across multiple domains to provide insights all the way to the application layer through visibility and monitoring platforms
    • Gain centralized control, faster access to new features and functionality and rapid, dynamic scaling with cloud-based network management systems
    • Improve automated management platforms by integrating insights and analysis from multiple tools
    • Fuel pervasive visibility -- including TLS decryption -- and efficient and secure use of emerging technologies and faster network speeds

    Join us as we address the importance of high-fidelity visibility and monitoring as critical enablers for automation and security. We’ll also look at how the rise of advanced management platforms that integrate visibility, automation and assurance will create intent-based networks.
  • Gain Control of Complex Applications Central to Your Digital Transformation Recorded: May 29 2019 54 mins
    John Gudmundson, Sr. Product Marketing Manager Gigamon
    Today’s applications — complex, sprawling, multi-tiered, opaque — determine the success or failure of digital transformations. Isn’t it time you took control?

    Join us to learn about Application Intelligence, a pioneering set of capabilities for getting the visibility and the context needed to discover, manage and secure your sophisticated applications.

    During this live demonstration, you’ll see how Application Intelligence helps you:
    • Identify and extract traffic from over 3,000 applications
    • Detect and manage shadow IT and rogue apps
    • Separate unnecessary application traffic to greatly improve tool efficiency

    We’ll also preview its application metadata capabilities for help in solving a number of critical concerns such as troubleshooting subpar performance.

    Register now to see it in action >
  • Driving Digital Transformation with Application Intelligence Recorded: May 1 2019 20 mins
    John LeHane, Product Marketing Gigamon
    Accelerate Your Organization’s Digital Transformation

    Is explosive data growth and network complexity hindering your ability to deliver results? You’re not alone: a lack of application visibility makes it difficult to pinpoint and resolve performance issues.

    Join us for our 20 minute interactive webcast to see how application-aware network visibility can accelerate your organization’s digital transformation.

    You will learn:

    • How to simplify network monitoring with granular insight into application traffic
    • How to detect, manage and isolate shadow IT, non-business apps and others
    • Why filtering unnecessary traffic is critical to improving tool efficiency

    Discover how application-aware network visibility can improve the performance of both your network and its tools.
  • Don’t Let Digital Transformation Wreak Havoc on Your Network! Recorded: Apr 30 2019 53 mins
    Sam Kumarsamy, Sr. Product Marketing Manager Gigamon
    Yes, digital apps are hyper-agile, but they’re also incredibly complex making it difficult to get visibility into traffic. But without that visibility, how can you truly ensure a great experience?

    Help is at hand. During this webinar, you’ll learn how to build an efficient network architecture to provide an engaging digital experience by:

    •Using tools efficiently by optimizing traffic and preventing packet duplication
    •Enhancing security by collecting and distributing NetFlow metadata to tools
    •Identifying, categorizing and visualizing more than 3,000 applications automatically

    See how pioneering technology Gigamon Application Intelligence helps increase visibility, improve security and, ultimately, exceed user expectations.
  • 2019 Cyberthreat Defense Report Recorded: Apr 23 2019 59 mins
    Mark Bouchard, Co-Founder and COO, CyberEdge Group Ian Farquhar, Distinguished Consultant Sales Engineer, Worldwide Security
    New research from CyberEdge’s 2019 Cyberthreat Defense Report shows that in spite of increasing cybersecurity budgets, organizations are dealing with ongoing cyberattacks, challenges finding and properly utilizing both human and financial resources, and obstacles to threat hunting within their environments. Sign up for this webinar to learn how to:

    •Gain pervasive visibility into your network for better threat hunting
    •Deal with inevitable cyberattacks, including malware, phishing and ransomware, including those that enter the organization via the supply channel
    •Become more effective by delivering optimized traffic to tools
    •Overcome skills shortages and retain key staff through efficiency, automation and orchestration
    •Accelerate deployment and integration of new security tools

    Learn how IT security pros plan to protect themselves against cyberthreats in 2019.
    Register now!
  • Accelerating Enhanced Threat Identification and Incident Investigation Recorded: Mar 21 2019 60 mins
    David Monahan, Enterprise Management Associates; Stephen Hinck, Gigamon Insight, Steve Porcello, Gigamon Insigh
    Only 28 percent of organizations have alerting systems with enough context to provide highly accurate incident classification, thus requiring manual verification and reclassification of 95 percent of most organizations’ incidents. In addition, 48 percent of organizations had a security incident that caused moderate to severe business impact. Delays in identifying threats and the lack of information that extends the length of incident investigations cause real business problems.

    Enterprise Management Associates (EMA) released its 2019 “Top 3 Decision-Makers’ Guide to Security Analytics.” In this webinar David Monahan, Managing Research Director for Security and Risk Management at EMA, Stephen Hinck, Product Manager for Gigamon Insight, and Steve Porcello, Sales Engineer for Gigamon Insight, will discuss the key use cases “Identifying Advanced Threats” and “Enhancing Incident Investigations,” and will also demonstrate how security teams can obtain greater context for decision-making in order to solve these real-world problems faster using Gigamon Insight.

    Join leading IT analyst firm Enterprise Management Associates (EMA) and Gigamon to learn more about:
    •The methodology behind the report
    •What to watch for in selecting a security analytics solution
    •How to identify threats faster, thus reducing dwell time
    •How threat actors exploit Internet presence within the context of business and security management tools, issues, and practices
    •How access to a broad array of network data reduces the attack surface
  • How to Optimize Network Performance During Infrastructure Transformation Recorded: Feb 27 2019 48 mins
    Sam Kumarsamy, Senior Product Marketing Manager, Gigamon
    How do you reduce complexity of your transforming infrastructure, gain greater IT tool efficiency and maximize visibility into your network? The right solution should empower you to produce better outcomes with less effort at lower cost. That is where a next-generation packet broker comes into play.

    Join Gigamon to get the latest best practices to:
    • Acquire and aggregate all network traffic for better visibility
    • Stop duplicate packets from overloading your tools
    • Filter traffic to provide the right data to the right tools
    • Optimize compliance and reduce risk across your entire IT environment

    If you need to optimize your tools, improve network performance and availability, get better insights into threats and enable your Network Operations and Security Operations teams to collaborate, you won’t want to miss this technical webinar.
  • To Whack or Not to Whack — Incident Response and Breach Mitigation Recorded: Feb 20 2019 45 mins
    Danny Akacki, Sr. Technical Account Manager, Gigamon Insight and TJ Biehle,Sr. Technical Account Manager, Gigamon Insight
    To whack, or not to whack, that is the question:
    Whether ‘tis nobler in the mind to torch all
    The compromised boxes on your poor network,
    Or to take arms against a sea of malware
    And by blocking stop them all.

    So, what do you do during an active security incident? When is the proper time to whack-a-mole with your mallet? Is it better to light everything on fire and start over, or should you make observations a key component of your response and mitigation strategy? In this webinar, we'll discuss strategies for when it's time to scorch the earth versus sit back with a cup of tea, gaining intel into what active adversaries are doing in your house.

    We’ll break down some of the most important points to remember during the commotion of an active incident response, including:

    •Context is king. We’ll explain the important questions you need to be ask when scoping an incident to get an improved view of the situation.
    •Thinking fast and slow. It’s understandable to want to nuke everything from orbit just to be thorough, but it’s usually not the smartest play. We’ll outline the potential benefits and risks of hasty containment and remediation efforts versus slow, thoughtful analysis when executing a response game plan.
    •The law of diminishing returns. There can be a tipping point where the cost of your decisions and polices no longer justify the answers you’ll find. We’ll talk you through some tactics to find the sweet spot between effort and return.
  • Best Practices for Protecting Your Business from Cybercrime Recorded: Feb 19 2019 62 mins
    Michelle Drolet (Towerwall), Michael Thelander (Venafi), William Peteroy (Gigamon), Kalani Enos (kenos)
    Cybercrime has evolved from random activities being carried out by individuals into a billion dollar illegal industry that continues to grow. How is cybersecurity keeping up with the rise of cybercrime?

    Join this panel of security experts to learn more about:
    - Trends in cybercrime and lessons learned in 2018
    - The cost of data breaches
    - Rise of cryptojacking and ransomware
    - Who are the players who make up the world of cybercrime (e.g. programmers, distributors, fraudsters, etc.)
    - The CISO vs the cybercriminal
    - Best practices for protecting your business

    - Michelle Drolet, CEO, Towerwall
    - Michael Thelander, Director of Product Marketing, Venafi
    - William Peteroy, Security CTO, Gigamon
    - Kalani Enos, Founder & CEO, kenos Technologies (Moderator)
  • Network Architecture With Security in Mind Recorded: Jan 30 2019 61 mins
    Matt Bromiley, Instructor and Security Expert, SANS and Sam Kumarsamy, Senior Product Marketing Manager, Gigamon
    It’s time to face a hard truth: modern enterprise networks can be extremely – sometimes painfully – complex to manage and defend. Increased network speeds to 100Gb, unfettered access to cloud applications and end-to-end encryption are just some of the requirements of today’s employees. When you add in mobile and IoT devices, the complexity grows exponentially, especially when it comes to the security of the networks to which they connect.

    And when we couple expanding networks with security needs, many organizations struggle to protect their users. This leads to conflicts between NetOps and SecOps goals. The networking team is concerned about availability and performance to ensure the business is being conducted whereas the security team needs to ensure the data and the users are safe from bad actors.

    We need a new approach that provides pervasive visibility to data flowing across the physical, virtual and cloud infrastructure to ensure that the right traffic is sent to the right security tools. This approach should also enable SecOps and NetOps to collaborate and improve the security posture of an organization

    Watch this SANS webinar to learn:
    •The common security pain points as networks expand and grow with increasing speeds
    •How today’s users are forcing organizations to consider/include security in their network architecture
    •How a lack of security can impact network availability and performance
    •How to bridge the NetOps and SecOps divide

    We will discuss how pervasive network visibility improves security tool utilization and can shorten detection and response times. We hope this webcast will inspire you to reassess the current state of your network and security infrastructure to enable collaboration between the two teams and improve your security posture. Watch now!
  • Want Better Network Visibility with Less Complexity? Here's How! Recorded: Jan 22 2019 54 mins
    Bob Laliberte, Senior Analyst, ESG and Sam Kumarsamy, Senior Product Marketing Manager, Gigamon
    Enable IT Collaboration with a Common Distributed Data Services Layer.

    The IT environment is rapidly changing, becoming more distributed and complex as organizations transform themselves to provide better digital experiences. Because these improved experiences will be more dependent on the network, it’s imperative for organizations to properly plan and prepare now to eliminate security blind spots. The bottom line is that companies need complete visibility into their physical, virtual and cloud infrastructure to detect and contain data breaches and mitigate risk.

    To accomplish this, successful organizations resist the legacy mentality that relies on more people and more tools at every location. Instead, they are turning to a new architectural approach that disaggregates the speed of the network from the speed of the tools inspecting traffic on that network. This innovative approach allows enterprises to absorb change in network speed and technology without compromising security.

    ESG believes the foundational step in this approach is to ensure comprehensive infrastructure visibility across data centers and distributed edge and cloud environments. To do this, organizations must have a common distributed data services layer that can collect, process and distribute the right information to the right tools at the right time.

    Join us to learn how a consolidated network architecture that includes security delivers better visibility, reduces complexity and increases tool efficiency.
Visibility into physical, virtual, and cloud environments
Gigamon provides active visibility into physical and virtual network traffic, enabling stronger security and superior performance. Gigamon’s Visibility Fabric and GigaSECURE, the industry’s first Security Delivery Platform, deliver advanced intelligence so that security, network and application performance management solutions in enterprise, government and service provider networks operate more efficiently and effectively.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Threat Detection in TLS: The Good, the Bad, and the Ugly
  • Live at: Dec 11 2018 6:00 pm
  • Presented by: Ian Farquhar, Distinguished Sales Engineer, Gigamon
  • From:
Your email has been sent.
or close