Highlights:
- According to Gigamon, their release aims to assist IT organizations in addressing blind spots by bringing attention to previously hidden threat activity within encrypted traffic.
- The Precryption technology from Gigamon is made to reveal threat activity that was hidden before, such as lateral movement, malware distribution, and data exfiltration inside virtual, cloud, and container applications.
Gigamon Inc., a company specializing in cloud visibility and analytics, has recently introduced new advancements in cybersecurity through the launch of its GigaVUE 6.4 software, enhancing the capabilities of its Deep Observability Pipeline.
The release encompasses the introduction of Gigamon Precyption. This novel functionality, the company asserts, will facilitate information technology and security entities in attaining unobstructed insight into encrypted data flow within virtual machine or container workloads. The enhanced visibility feature enables users to perform advanced threat detection, investigation, and response activities across hybrid cloud infrastructures.
According to Gigamon, their release aims to assist IT organizations in addressing blind spots by bringing attention to previously hidden threat activity within encrypted traffic. This initiative reinforces the establishment of a robust foundation for the implementation of zero-trust principles.
The primary emphasis of the release pertains to the utilization of encrypted data. According to a recent survey by Gigamon, a significant majority of IT and security leaders, exceeding 70%, acknowledge their failure to scrutinize encrypted data traversing their hybrid cloud infrastructure. Gigamon says that not doing so is a huge risk because security and monitoring tools alone can’t find malware threats as encrypted data moves inside, outside, or laterally across an organization.
The Precryption technology from Gigamon is made to reveal threat activity that was hidden before, such as lateral movement, malware distribution, and data exfiltration inside virtual, cloud, and container applications. The service uses the eBPF technology in the Linux kernel to provide visibility into plaintext, capturing traffic before it has been encrypted or after it has been decrypted.
With Precryption, keys don’t need to be sniffed or intercepted, and there’s no need for expensive decryption. The service also works without the application, so it doesn’t have to deal with the usual operational problems with agent-based approaches. One of its prime features is the ability for information security, network, and cloud operations teams to see all encrypted traffic across virtual machine or container workloads.
According to the company, the service assists organizations in safeguarding personally identifiable information by obscuring traffic visibility, thereby ensuring data security, compliance, and governance. The service has been specifically developed to mitigate the operational intricacies of decryption by eliminating the burdensome task of managing private keys for activities such as passing, key sharing, and library updates. It also offloads decryption overhead from cloud, security, and observability tools, significantly increasing their capacity and performance, according to Gigamon.
Michael Dickman, Chief Product Officer, stated after the release, “As cloud adoption accelerates across an expanding number of private and public platforms, organizations must also address the escalating risks of threat activity concealed within encrypted traffic. With Gigamon Precryption technology, we’re turning the tables on cybercriminals by bringing deep observability to encrypted traffic, allowing customers to dramatically improve their security posture across any number of clouds and workloads, without any burden on developers.”