Reply to post: Re: lesser threat

TLS proxies? Nah. Truthfully Less Secure 'n' poxy, say Canadian infosec researchers

Anonymous Coward
Anonymous Coward

Re: lesser threat

Absolutely correct, Nate. We've used them in decryption mode (Raytheon a.k.a. Forcepoint f.k.a. Websense) for six years. That article is garbage because it doesn't address exactly what you mentioned, the true risk they can mitigate.

For a ~1,000 employee company we see HTTPS stops many times on a weekly basis. As more traffic moves to HTTPS it will only get worse for companies that don't decrypt because that garbage makes all the way to the endpoint.

In the past two years we've reimaged precisely one PC for a suspected malware hit, an AV detection but no application whitelisting hit. It was purely precautionary.

I know some same-sized and smaller law firms who have a person or two dedicated to reimaging PC's because the partners won't permit decryption. One does about 1% of their PCs each week. Seriously.

As far as what the article reported on, I can tell you that Forcepoint released patches for many of those issues a year or more ago but if your company culture is to not pay attention you're going to get burned regardless what products you buy.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022