Nubeva Technologies, a cloud visibility SaaS software developer for enterprises with assets in public and private clouds and data centers, announced support for modern endpoint-based decryption.
Nubeva TLS Decrypt, a software solution using symmetric key intercept technology, now allows organizations to offload decryption from proxy-based systems to allow full visibility with improved speed, performance and reduced cost.
The solution enables security teams to monitor traffic at endpoints including Linux, Microsoft Windows and Macintosh operating systems, Google Suite Collaboration and Productivity Apps, and pinned certificate-based applications like Dropbox.
“This solution decouples symmetric key discovery from the act of decryption,” said Randy Chou, CEO at Nubeva.
“With the ability to discover symmetric encryption keys without participating in the TLS handshake, Nubeva creates a massive decryption performance boost and unlocks the out-of-band decryption capability previously unavailable with the introduction of Perfect Forward Secrecy-based decryption as well as legacy.”
Nubeva TLS Decrypt is the first solution to decrypt both client and server-based traffic anywhere in the network. This expands Nubeva’s addressable market to include a new universe of potential use cases at enterprises that need complete visibility into network traffic in data centers, cloud environments and at endpoints.
Gartner’s latest forecast of global information security and risk management spending is forecast to reach $174.5 billion in 2022 and endpoint security tools make up nearly 25% of this spend. However, security teams continue to struggle to reduce breaches on endpoints because of the sheer number of PCs, laptops, tablets and smartphones used by enterprise employees.
Without proper infrastructure that allows for full network visibility, breaches can’t be identified in a timely way – further enabling an attacker the ability to snoop for high-value data in an organization’s network.
Launched in June 2019, Nubeva TLS Decrypt features patented symmetric key intercept technology that captures session keys at the handshake. When security teams need to see network traffic, the keys can be called on by a Nubeva decryptor agent to deliver Port 80 traffic to monitoring tools providing detailed packet data well beyond standard header and flow data.
Using the same out-of-band technology, Nubeva engineers have enabled the solution to capture keys from endpoint clients as well. Once identified, the keys can be used to decrypt traffic from an employee device, identifying potential data breaches, anomalies and malware.
“Nubeva TLS Decrypt can also be used for inline decryption optimizations,” added Chou. “It dramatically reduces cost, complexity and latency when used in conjunction with proxy-based and firewall decryption.”