Finding Hidden Threats by Decrypting SSL

by Michael Butler
Sept. 1, 2017 0 comments SANS Institute Encryption & Authentication covert channels incident handling

SSL encryption is crucial to protecting data in transit during web transactions, email communications and the use of mobile apps. Data encrypted with this common method can sometimes pass uninspected through almost all the components of your security framework, both inbound and outbound. As such, SSL encryption has become a ubiquitous tool for the enemy to hide sensitive data transfers and to obfuscate their command and control communications.

https://www.sans.org/reading-room/whitepapers/analyst/finding-hidden-threats-decrypting-ssl-34840