Gigamon announces pre-encryption technology to provide deep monitoring across hybrid cloud infrastructures, ETCIO SEA
Gigamon, a leading deep observability company, has announced a series of advanced cybersecurity innovations for the Gigamon Deep Observability Pipeline in its latest GigaVUE 6.4 software release. Leading the way, Gigamon Precryption enables IT and security organizations, for the first time with an automated solution, to gain unobstructed visibility into encrypted traffic across virtual machine (VM) or container workloads to perform advanced threat detection, investigation and response across a hybrid cloud infrastructure – all In a highly efficient manner. Although encryption is intended for security and privacy, it has become a hiding place for cybercriminals, with more than 93 percent of malware now lurking behind encryption. With today’s announcement at the company’s flagship Visualyze Bootcamp, Gigamon helps IT organizations eliminate these blind spots by highlighting threat activity previously hidden within encrypted traffic, strengthening the strong foundation of Zero Trust.Undetected threats lurk in encrypted traffic
According to the recent Gigamon 2023 Hybrid Cloud Security Survey, more than 70 percent of 1,000 IT and security leaders surveyed admit that they do not currently inspect encrypted data flowing through their hybrid cloud infrastructure. This represents a serious business risk because encrypted data cannot be adequately analyzed, and malware threats cannot be detected by security and monitoring tools alone as encrypted data travels internally, externally, or horizontally across the organization.
“As we become increasingly reliant on the cloud, the ability to inspect encrypted communications is critical in keeping the U.S. Holocaust Memorial Museum and its assets safe and secure from threat actors,” said Michael Trofi, Director of Trofi Security. “With Precryption, Gigamon is ten years ahead in security with technology that detects previously hidden threat activity in a highly efficient way that allows us to move away from monolithic firewall architectures and complex decryption standards toward an efficient distributed model where our servers handle the processing without compromising performance.” Gigamon Precryption will benefit the security industry as a whole, and is a technology that organizations should closely evaluate as they migrate their operations to the cloud.
Gigamon Precryption Technology: For all encryption technologies and cloud traffic
Gigamon Precryption technology uncovers previously hidden threat activity, including lateral movement, malware distribution, and data exfiltration within virtualized, cloud, and container applications. Its innovative approach leverages eBPF technology within the Linux kernel to provide plaintext visibility, capturing traffic before encryption or after decryption. No keys need to be intercepted or sniffed, and no expensive decryption is required. Furthermore, pre-coding technology operates independently of the application, avoiding the operational challenges of traditional agent-based methods.
“Gigamon Precryption technology addresses the critical security challenge of our ability to see certain encrypted traffic, which has the potential to expose our multi-cloud environment and business to unseen threats,” said Michael McCann, Director of Network and Information Systems at Foxwoods Resort Casino. . “When I realized that Gigamon Precryption removes the complexity of key management and enables us to detect threats with a single view, it became clear that this technology would redefine our security operations and significantly enhance our security posture.”
“Global organizations are increasingly successful in unifying security logs into a security data lake, but encrypted traffic poses a real challenge,” said Omar Singer, head of cybersecurity strategy at Snowflake. “Industry advances like Gigamon Precryption technology offer a compelling path for organizations to turn encrypted cloud traffic into visibility for improved security and compliance across hybrid cloud infrastructure.”
Gigamon Precryption technology addresses a range of advanced security requirements and:
- Easily enable InfoSec, Network, and CloudOps teams to gain complete visibility into encrypted traffic across virtual machines or container workloads.
- Works seamlessly with modern encryption methods, including TLS 1.3 or TLS 1.2 with Perfect Forward Secrecy (PFS) enabled, and legacy encryption methods, including TLS 1.2 without PFS.
- Fully supports organizations with sensitive personally identifiable information (PII) by hiding this traffic from view to maintain data security, compliance, and governance.
- It significantly reduces the operational complexity associated with decryption by eliminating cumbersome private key management for key sharing, passing, and library updates.
- It efficiently offloads TLS decryption from cloud, security and observability tools, significantly enhancing their capacity and performance.
“In a recent study of IT and security leaders in large organizations, we found that 50% accept the risk and are not decrypting traffic today due to technical and cost challenges,” said Christopher Stephen, Vice President of Research at EMA. “While organizations have a Zero Trust goal, it’s clear that half of them have no hope of achieving it. It’s time to pull visibility into encrypted traffic from the ‘hard, impossible, and too expensive’ bucket. Through innovations like Gigamon Precryption technology, organizations can Get the deep observability you need to meet evolving standards, regulatory compliance, and secure your hybrid cloud infrastructure with confidence.
“As cloud adoption accelerates across a growing number of private and public platforms, organizations must also address the escalating risks of threat activity hidden within encrypted traffic,” said Michael Dickman, chief product officer at Gigamon. “Until now, decrypting cloud traffic has been tedious and expensive. With Gigamon Precryption technology, we are turning the tables on cybercriminals by providing deep monitoring of encrypted traffic, allowing customers to dramatically improve their security posture across any number of clouds.” and workloads, without any burden on developers.
(Tags for translation)Gigamon