I recently contributed another column to Security Week about attackers launching attacks over HTTPS more than ever before. With an increased level of encrypted traffic on enterprise networks, attackers are taking advantage of this blind spot within the organization’s security model.
Social Media services and online financial services have become targets. Most will employ different layers of defense for an encrypted attack. However, this approach will not be effective if an attack included an availability-based threat vector such as Denial of Service attack or zero-day advanced threats.
This is because processing an encrypted attack consumes more system resources than processing non-encrypted data. As a result, an attacker is able to make a big impact even at relatively low rates of requests per second. The solutions that can decrypt the traffic can only detect the known low rate attacks rather than the unknowns (zero-day).
To really help mitigate an attack such as this, a network needs to include another layer which is the network wide attack protection.
I share my thoughts on what an organization needs in order to successfully handle these threats and invite you to read this column to learn more about it. You can also tweet about the column to share it with your followers.
Avi manages Radware’s security business unit and the security roadmap for the company’s attack mitigation system. This includes defining all product management and product marketing operations, the theoretical basis for current and future security products, and research and design of core product algorithms. He also holds several patents related to network security. Avi writes on a variety of security topics including application security, behavioral analysis, data loss, and wireless/mobile security.