Last summer, Cisco announced a product called Encrypted Traffic Analysis (ETA), which solves one of the biggest cybersecurity problems — finding malware in encrypted traffic.
The use of encrypted traffic continues to grow. In fact, it’s over half of all traffic today and will be well over 80 percent by 2020. The benefit of encrypting traffic is that the bad guys can’t access the data, so it’s protected. The downside is that security tools can’t inspect it for malware, making it the perfect place for a threat actor to hide any kind of malicious traffic.
Cisco’s ETA uses a combination of telemetry information generated by Cisco network infrastructure and machine learning algorithms to look for the differences between good and possibly infected traffic. One of the secrets of the security industry is that most malware is only a slight deviation from existing malware. The right machine learning algorithms with the right data can identify the encrypted traffic that might contain malware. That traffic can then be sent to advanced security tools, such as Cisco Stealthwatch, for further investigation and cleansing.
Read more on CSO about Cisco’s ETA and how it finds malware in encrypted traffic, thereby solving one of the biggest cybersecurity problems.