How much do you really know about the use of SSL encryption by applications running on your network? It's probably more widespread than you think.
Our 2014 Application Usage and Threat Report analyzes the relationship between threats and applications on enterprise networks, including how attackers use traditional exploit techniques in innovative ways to disguise dangerous threat activity. Among the key findings from this year's report is that 34 percent of the applications observed use SSL encryption. Most organizations simply don't have a good handle on which applications those are -- and therefore, don't have a good handle on applications that might be responsible for malicious activity.
We've talked about SSL in the past and shared findings in previous versions of the Application Usage and Threat Report. But now it's a much bigger issue than it was even a year ago. If an administrator doesn't know how many applications running on the network use SSL, he or she also doesn't know how many of those applications use unpatched versions of OpenSSL, which may directly or indirectly expose the organization to Heartbleed or other vulnerabilities.
Scott Simkin, Palo Alto Networks Senior Cybersecurity Analyst, looks at this knowledge gap more closely in a recent column for SecurityWeek, along with how security administrators should consider SSL decryption in their strategies.