Blue Coat Systems has added seven new partners to the Blue Coat Encrypted Traffic Management (ETM) Ready Program, bringing the total number of partners to 17.
According to the security specialists, this group of vendors forms the largest industry collaboration across the industry.
Launched in March 2015, the ETM Ready Program is designed to prepare and certify Blue Coat Technology Alliance Partners to integrate SSL visibility solutions into the Blue Coat architecture, resulting in best-in-class security products to effectively detect and eliminate the hidden threats in encrypted traffic.
New members eSentire, Gigamon, LogRhythm, ManagedMethods, Symantec, TopSpin Security and Trend Micro join founding ETM Ready partners CA Technologies, Cyphort, Damballa, Fidelis Cybersecurity, HP, Lastline, RSA, SafeNet, Inc. (now Gemalto), Venafi and VSS Monitoring.
“Encryption is the tool of choice to protect privacy,” says Peter Doggart, vice president of business development, Blue Coat.
“But it is also quickly becoming yet another method of attack across the threat landscape.
“Our customers are telling us that protecting employee and customer data is critical, but they also need to protect their network and the sky-rocketing use of encryption is hindering their ability to do so.
“Blue Coat and our ETM Ready partners are working to ensure enterprises can protect both privacy and their networks even as their use of encryption grows.”
Today, the number of both business and consumer websites using SSL encryption as the default for securing all data in transit continues to grow.
According to Blue Coat Labs research, of the top 10 most visited web sites, 100 per cent of them use HTTPS, or encrypted traffic, rendering 100 per cent of that traffic invisible to all security devices unless it is decrypted.
Doggart believes the growing use of encryption to address privacy concerns is creating a perfect set of conditions for cyber criminals to hide malware inside encrypted transactions.
Blue Coat researchers have found that it often reduces the level of sophistication required for malware to avoid detection; thereby making it easier for malware to get onto the network.
Doggart says the Blue Coat researchers found that over a typical seven-day period, out of 1.1 million new sites identified and classified, over 40,000 requests were newly-classified malicious HTTPS sites and 100,000 requests - or approximately 10 per cent - to Command-and-Control HTTPS sites were already infected.
“Currently, encrypted traffic is a huge blind spot for enterprise visibility,” adds Adrian Sanabria, Senior security analyst, 451 Research.
“The importance of privacy will ensure this trend continues, but investments in network security are largely being wasted when encrypted traffic isn’t being inspected.
“Sophisticated attackers know that evading defences to get command and control traffic or data out of the enterprise is often as simple as using encryption in transit and perhaps a proxy or two.
“However, the technology to decrypt that traffic is only half the challenge – the other half is to leverage existing network security investments, which is why Blue Coat’s partnering efforts are so important.”