Under Attack?
Search
Menu
  • Blog
  • DDoS Attacks
  • Security Week Article: The Missing Layer Against Encrypted Attacks

Security Week Article: The Missing Layer Against Encrypted Attacks

By Avi CheslaDecember 5, 2012

I recently contributed another column to Security Week about attackers launching attacks over HTTPS more than ever before. With an increased level of encrypted traffic on enterprise networks, attackers are taking advantage of this blind spot within the organization’s security model.

Social Media services and online financial services have become targets. Most will employ different layers of defense for an encrypted attack. However, this approach will not be effective if an attack included an availability-based threat vector such as Denial of Service attack or zero-day advanced threats.

This is because processing an encrypted attack consumes more system resources than processing non-encrypted data. As a result, an attacker is able to make a big impact even at relatively low rates of requests per second. The solutions that can decrypt the traffic can only detect the known low rate attacks rather than the unknowns (zero-day).

To really help mitigate an attack such as this, a network needs to include another layer which is the network wide attack protection.

I share my thoughts on what an organization needs in order to successfully handle these threats and invite you to read this column to learn more about it. You can also tweet about the column to share it with your followers.

Posted in: DDoS Attacks SecurityTags:

Avi Chesla

Avi manages Radware’s security business unit and the security roadmap for the company’s attack mitigation system. This includes defining all product management and product marketing operations, the theoretical basis for current and future security products, and research and design of core product algorithms. He also holds several patents related to network security. Avi writes on a variety of security topics including application security, behavioral analysis, data loss, and wireless/mobile security.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Contact Us Now

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
Close

What are you looking for?