What Do You Mean TLS 1.3 Might Degrade My Security?

Transport Layer Security (TLS), formerly known as SSL, has become the de facto way of encrypting data in motion on networks. Unfortunately, several serious attacks have affected TLS over the past few years, and malware increasingly uses SSL/TLS sessions to hide, confident that security tools will neither inspect nor block its traffic. The very technology that makes the internet secure can become a significant threat vector. As the volume of encrypted traffic continues to grow, organizations become even more vulnerable to encrypted attacks, hidden command and control channels, and unauthorized data exfiltration exploits that go undetected.

Once again, InfoSec teams find themselves at the fulcrum of a delicate balancing act. On the one hand, encryption is moving toward ubiquity, but on the other hand, InfoSec teams need to be able to detect when threat actors use it too. What can you do? This whitepaper will delve into TLS, look at the security implications of TLS 1.3 and what you can do to prepare.