Blue Hexagon’s new ability inspects encrypted traffic in real-time

Blue Hexagon’s new ability inspects encrypted traffic in real-time

Blue Hexagon, a deep learning and cybersecurity pioneer, announced an industry-first ability to detect and stop–in real-time–both known and unknown threats hidden within encrypted SSL traffic.

Analyst firm Gartner believes that, “Through 2019, more than 80 percent of enterprise web traffic will be encrypted.” While encryption addresses privacy and legal requirements, security teams now face a challenge where they are blind to a large influx of traffic.

In fact, Gartner also predicts that, “During 2019, more than fifty percent of new malware campaigns will use various forms of encryption and obfuscation to conceal delivery, and to conceal ongoing communications, including data exfiltration.”

There are currently two approaches to address this problem. Security teams can decrypt the traffic and inspect it, but this approach can be a burden on threat inspection performance when performed on next-generation firewalls and usually requires additional network decryption devices.

Other solutions use signature mechanisms like JA3 or machine learning to identify anomalies over large volumes of data but these solutions can be unreliable and result in lots of false positives.

Overcoming both of these challenges, Blue Hexagon uses deep learning to enable real-time inspection of encrypted traffic without negatively affecting network speed and performance, or requiring additional devices.

“As more and more web traffic is encrypted, and as threat actors develop ways to hide malicious communications or payload in that traffic, it is a security imperative tha ..