While SSL/TLS encryption is important for protecting sensitive data during transmission, it does create a blind spot for network defenders. The encryption process scrambles data, which makes it unintelligible to anyone intercepting it. This is crucial for preventing unauthorized access to information like credit card numbers, login credentials, and personal details. However, the same encryption that safeguards data also conceals its contents from security monitoring systems.
Cybercriminals are well aware of this limitation and exploit it to their advantage. They can use encrypted channels to conceal malicious activities like malware downloads, data exfiltration and command-and-control communications. This makes it harder for security teams to identify and stop attacks before they cause substantial damage.
So, basically SSL/TLS encryption is a double-edged sword. While it is essential for protecting data privacy, it can also hinder threat detection and response efforts. To mitigate this risk, organizations need to implement additional security measures. Or organizations can turn to Stamus Networks and Array Networks with their two product collaborations that unlock new network-based threat detection and response (NDR) capabilities for existing programs as well as new opportunities for organizations that couldn't previously justify the cost in some ultra-high throughput applications.
Stamus Networks is a global provider of high-performance NDR systems, and Array Networks is known for its role in application delivery and cybersecurity products.
The two joint solutions are high-speed network traffic decryption for advanced threat detection and response, and intelligent traffic optimization and aggregation for high-performance threat detection and response
For high-speed network traffic decryption for advanced threat detection and response, there’s the combination of the Array SSL Intercept and the Stamus Security Platform. The Array SSL Intercept acts as a secure proxy that decrypts SSL/TLS traffic and then sends the data to the Stamus Security Platform for inspection. The Stamus Security Platform delivers actionable network visibility and multi-layered threat detection to security teams, and then the Array SSL Intercept re-encrypts the traffic before it's forwarded to its destination.
“While we've developed very effective capabilities to identify threats in encrypted communications, some organizations still require complete visibility into all communications,” said Stamus Networks CEO Ken Gramley. “The combination of the Stamus Security Platform and the Array SSL Intercept offers a powerful solution to a historically difficult problem and provides enterprise security teams with unprecedented visibility into threats.”
For intelligent traffic optimization and aggregation for high-performance threat detection and response, the Array Network Traffic Broker paired with the Stamus Security Platform aggregates and optimizes network traffic for cost savings and streamlined NDR deployments.
The Array Network Traffic Broker serves as an intelligent traffic management layer, capturing, aggregating and filtering network traffic from various sources. It intelligently directs traffic to the Stamus Security Platform to ensure optimal utilization of its threat detection capabilities.
Specifically, the Array Network Traffic Broker aggregates and filters high traffic volumes from various network segments, including data centers, branch offices and cloud environments. It then delivers this optimized traffic to the Stamus Security Platform, which analyzes it for signs of malicious activity.
The Array Network Traffic Broker also aggregates traffic from multiple network segments into a single Stamus Network Probe. This optimizes NDR deployments and makes them manageable and affordable for companies of all sizes.
“Our partnership with Stamus Networks aims to provide comprehensive network visibility and threat detection and response capabilities to as many organizations as possible,” said Vishal Parikh, Strategy & Alliance Head at Array Networks. “These first two product pairings are the first of many. We look forward to continued collaboration that will result in powerful and practical solutions that overpower traditional security roadblocks to keep organizations cyber resilient.”
Edited by
Alex Passett
