Get In Touch
Recently by Jim Black
In the first blog post I covered why HTTPS web traffic has grown to unprecedented levels, provided a TLS primer and looked at the basic concept of intercepting and inspecting HTTPS web traffic with Man-In-The-Middle techniques (MITM). In the second part, I will dive a bit deeper into how the TLS MITM capability has been implemented in Akamai's Enterprise Threat Protector (ETP) service.
In this series of blogs I'm going to talk about how the continued move towards all web traffic being encrypted has impacted enterprise security. In this blog I'm going to focus on the basics - what is encrypted web traffic and how can you proactively control this.
I've written in previous blogs about the value of using DNS as a security control point and how using a DNS based security solution like Akamai's Enterprise Threat Protector can help accelerate your transition to a Zero Trust security approach.
Recursive DNS communications are normally unencrypted between a client and a resolver. In an effort to improve user privacy and address security concerns, Mozilla announced it would begin enabling DNS over HTTPS (DoH) by default in its Firefox browser. However, Mozilla recognized it would be necessary in some cases for enterprises to be able to inspect DNS traffic to enforce security controls. Consequently, Firefox also supports a "Network Signal" that,
In my previous blogs, I wrote about how phishing is no longer just an email problem, how the industrialization of phishing is being driven by the easy availability and low cost of phishing toolkits, and how current phishing defenses are being bypassed by attackers.
In my previous phishing blogs, I wrote about the evolution of phishing and the industrialization of phishing that's being driven by the availability and low cost of toolkits.
As I mentioned in my previous blog post, phishing attacks are now being created and executed on an industrial scale. Malicious actors are increasingly using highly sophisticated off-the-shelf phishing kits that allow them to deliver very targeted, short-lived attacks. These campaigns direct victims to a phishing web page that's an exact copy of a consumer or enterprise brand's site. This has lowered the barrier to entry for launching phishing attacks.
Phishing has been around for nearly as long as email has, and the perception that phishing tactics have not evolved persists. Many people believe we are still in the era of the easy-to-spot "Nigerian prince" emails, shown below. Underneath that, we see a highly creative, yet not any more technically sophisticated, "Nigerian astronaut" ruse.
With the rapid uptake in SaaS applications and the ease of moving enterprise applications from the data center to the cloud, many global companies are transforming the way they connect branch offices. In the past, the conventional approach was to connect all of your locations over an MPLS Wide Area Network (WAN) and then send all branch traffic over that to a regional HQ or even a single global HQ.