Episode 30: SSL Inspection and Interception: Uses, Abuses and Trade-offs

Digital Shadows

The Payment Card Industry recently passed a deadline requiring that all e-commerce sites and merchants cease supporting TLS 1.0. With this and older protocols such as SSL vulnerable to man-in-the-middle attacks, the fear is that attackers can intercept and tamper with data being sent across these channels. However, SSL interception is also performed by organizations for reasons that include blocking malware or improving data leakage prevention. Richard Gold and Simon Hall join Rafael Amado to discuss how SSL interception works, the different reasons for deploying it, the risks and privacy ramifications of interception, and the overall trade-offs for organizations looking to implement these methods.

Listen on Itunes: https://itunes.apple.com/us/podcast/episode-30-ssl-inspection-interception-uses-abuses/id1326304686?i=1000415363198&mt=2

Listen on Soundcloud:

Previous Post
Episode 31: Carbanak Files and Source Code Leaked?
Episode 31: Carbanak Files and Source Code Leaked?

In this week's ShadowTalk, Digital Shadows’ Russian-speaking security specialist discovered files and sourc...

Next Post
Episode 29: Reducing Your Attack Surface: From a Firehose to a Straw
Episode 29: Reducing Your Attack Surface: From a Firehose to a Straw

Following news that a database containing 340 million records has been publicly exposed to the internet, Ri...

Like what you hear?
Rate us on iTunes!

Rate Here