惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Recorded Future
Recorded Future
C
Cyber Attacks, Cyber Crime and Cyber Security
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Scott Helme
Scott Helme
Cyberwarzone
Cyberwarzone
C
CERT Recently Published Vulnerability Notes
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
P
Palo Alto Networks Blog
Google Online Security Blog
Google Online Security Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
WordPress大学
WordPress大学
博客园 - 聂微东
L
LINUX DO - 最新话题
月光博客
月光博客
小众软件
小众软件
T
Troy Hunt's Blog
A
Arctic Wolf
量子位
I
Intezer
大猫的无限游戏
大猫的无限游戏
T
Tailwind CSS Blog
S
Schneier on Security
Schneier on Security
Schneier on Security
NISL@THU
NISL@THU
T
Threat Research - Cisco Blogs
TaoSecurity Blog
TaoSecurity Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园_首页
有赞技术团队
有赞技术团队
N
News and Events Feed by Topic
美团技术团队
The Cloudflare Blog
P
Privacy International News Feed
S
Security Affairs
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
G
GRAHAM CLULEY
N
News | PayPal Newsroom
Apple Machine Learning Research
Apple Machine Learning Research
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
L
LINUX DO - 热门话题
V
Vulnerabilities – Threatpost
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
C
CXSECURITY Database RSS Feed - CXSecurity.com
宝玉的分享
宝玉的分享
Application and Cybersecurity Blog
Application and Cybersecurity Blog
IT之家
IT之家
Hacker News: Ask HN
Hacker News: Ask HN
雷峰网
雷峰网

SECURITY.COM

Spirals: New Stealthy Ransomware Deployed Against Asian IT Company Daxin Returns: Stealthy Malware Resurfaces in Taiwan Alongside a New Backdoor The Detection Gap: MITRE ATT&CK T1140 and T1105 Humble Brag: Symantec® Data Center Security Achieves Common Criteria Certification GodDamn Ransomware: Latest Beast Rebrand Uses Malicious Driver to Disable Defenses Tips to Harden Your Air Gapped Environments AV-TEST Gives Symantec® Endpoint Security Complete a Perfect Score The BYOVD Epidemic: How Attackers Are Weaponizing Trusted Windows Drivers to Kill Security 🎙️SECURITY.COM The Podcast: The Parasite in the Machine: Unmasking the Speagle Infostealer Your DLP Incident Backlog Owes You Closure Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker 5 Reasons Symantec® CBX Delivers Total Endpoint Visibility 8 XDR Questions From the Show Floor Another Year, Another Win: SE Labs® Recognizes Symantec® Endpoint Security Hidden in Teams: DragonForce Attackers Weaponize Microsoft Teams Relays to Stay Hidden Locking Down the Server 🎙️SECURITY.COM The Podcast: The Death of SIEM Threats Rise on a Tide of Global Unrest When Nation-States Stop Caring About Size Espionage Campaign Targeted Stock Exchange Executive for Five Months Data Security Is Having A Moment 5 Ways XDR Helps SOCs Act Faster 🎙️SECURITY.COM The Podcast: The Evolution of Cybersecurity PR with W2 Communications The Maximalism Trap: When More Becomes Too Much Symantec DLP Cloud and DPSM are the Power Couple Security Strategists Need Symantec DLP Cloud and DSPM are the Power Couple Security Strategists Need The Future of the Partnership: AI, Automation, and Ecosystems Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations 🎙️SECURITY.COM The Podcast: Iran’s Cyber Warfare Playbook: What Defenders Need to Know Right Now 5 Ways To Keep AI in Check Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign Doing More with Less: How Government Agencies are Rethinking Cybersecurity Navigating Compliance and Insurance as a Competitive Edge Is SIEM Trying to Do Too Much? Every Defender Deserves Frontier AI The New Partner-Vendor Relationship DLP Made Easier on the Teams Running It The EU Digital Wallet: Why Waiting is Not an Option Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft Stopping Data Leaks at the Speed of AI Harvester: APT Group Expands Toolset With New GoGra Linux Backdoor How AI Increases the Load on Security Teams Web Traffic Visibility is the New Non-Negotiable The Agentic AI Tsunami is Here: Is Your Legacy IAM Sinking or Swimming? Technical Enablement vs. Marketing Noise Enterprise-Grade Security for All in 2026 Architecting for Margin Beyond the Initial Sale 🎙️SECURITY.COM The Podcast: A Brief History of Data Loss Prevention Symantec CBX Through the Paparazzi Lens The U.S. Navy’s Playbook for Cost-Controlled, Reliable Cybersecurity The Modern Threat Landscape and The Partner’s New Burden Symantec CBX Rocked RSAC 2026 Conference For Financial Services, a Wake-Up Call for Reclaiming IAM Control The Next Identity Shift Cyber Legends: Behind the Scenes of CBX Built for This Moment (and All Those to Come)
The Visibility Challenge Nobody Asked For
About the Author · 2026-07-03 · via SECURITY.COM

Encryption is the bedrock of digital trust. It protects our financial transactions, secures our private conversations, and ensures data integrity across the web. 

For security professionals, encryption creates a different challenge. The very technology designed to protect users and data is commonly leveraged by adversaries to hide their most damaging activities.

A growing number of attacks are malware-free, highlighting attackers’ use of valid credentials, trusted services, and authorized pathways to evade traditional security controls. With more than 95% of web traffic now encrypted, security teams need visibility into the channels where modern, AI-driven threats operate—because you can’t stop what you can’t see.

Why old tradeoffs no longer work

SSL/TLS inspection is not a new concept. Security veterans remember the early days of "man-in-the-middle" proxies that often caused more headaches than they solved—slowing down network speeds and breaking applications. Historically, many organizations chose to bypass inspection simply to keep the business running, accepting the risk to avoid the "performance tax” that came with inspecting encrypted traffic.

A tradeoff that is becoming increasingly difficult to justify. When encrypted traffic represents the overwhelming majority of network activity, bypassing inspection means creating visibility gaps that span entire environments.

Given the performance and cost hit that full traffic decryption and inspection can bring, many security vendors offer low-cost solutions that simply bypass encrypted traffic. This leaves a blind spot that many simply overlook, or don’t even know about.

At Symantec, we have spent decades refining transparent proxying and encrypted traffic inspection. Our Edge SWG and SSL Visibility (SSLV) appliance solutions were built to handle decryption without the performance degradation that’s historically limited adoption.

Inspecting traffic in a TLS 1.3 world 

As TLS 1.3 has become the standard, the complexity of inspection has shifted. The protocol's improved privacy features make passive sniffing impossible, requiring active, high-performance proxying to maintain visibility. 

This is where Symantec’s legacy becomes a critical advantage. We didn't build our decryption engine as an afterthought. We built it as a dedicated, high-speed security architecture.

Our approach ensures decrypted traffic can be shared across the broader security stack. By decrypting once and feeding clear-text data to your Secure Web Gateway (SWG), Data Loss Prevention (DLP), IDS/IPS, firewalls, network traffic analysis, security analytics, and sandboxes, organizations can eliminate the need for redundant decryption cycles that create latency and complexity.

Scaling encrypted traffic inspection with Symantec SSP S620

Encrypted traffic volumes continue to grow, and organizations need inspection technologies that can keep pace. The Symantec SSP S620 appliance provides just that, thanks to its recently added support for SSL Visibility. 

This latest enhancement extends the scale and performance of the SSL Visibility Appliance, helping organizations maintain visibility without sacrificing throughput.  

The S620 appliance delivers up to 1.75x greater aggregated performance than previous models in a significantly smaller 1RU footprint. By offloading the resource-intensive task of decryption, organizations extend the value of their existing security stack while improving visibility into encrypted traffic.

For security teams, this means more capacity to inspect encrypted traffic without sacrificing performance or adding unnecessary infrastructure—greater inspection capacity, without the complexity.

Balancing inspection and compliance

Visibility must coexist with compliance. With regulations like GDPR and HIPAA, a "decrypt everything" policy is not only risky—it could be a violation of privacy standards.

Recent analyst insights show that 69% of professionals still face significant challenges around tool visibility and cloud configuration gaps.

Symantec’s policy engine allows for granular, category-based decryption. Organizations can automatically inspect higher-risk categories such as "Uncategorized" or "File Sharing" sites while simultaneously bypassing categories like "Financial Services" or "Healthcare" to support compliance requirements. 

Keeping pace with encrypted traffic

Encryption without inspection is an invitation to the adversary. 

In 2026, the question is no longer whether you should inspect SSL/TLS traffic, but how. And just as important: How can you inspect that traffic at scale without compromising privacy or performance?

Symantec has spent decades solving this exact challenge. Continuous enhancements on the SSP S620 extend the scale and performance of the SSL Visibility Appliance to meet the demands of today’s modern threat landscape.

With these new enhancements to the Symantec SSP S620, we’re offering the ability to see clearly in a world that is increasingly dark. It’s time to reclaim control of your network security with a clear view.

Explore the updated SSL Visibility Appliance product brief to learn how the latest SSP S620 enhancements deliver greater scale and performance. Or better yet? Connect with your in-region expert to speak with a human.

Q&A: The need to inspect encrypted SSL/TLS traffic

Why is it important to be able to inspect encrypted traffic?

Inspecting encrypted SSL/TLS traffic is critical because most internet traffic is now encrypted, and attackers know that encryption can hide their activities just as effectively as it protects legitimate users. Without the ability to inspect encrypted traffic, security teams are essentially blind to a large portion of network activity. This impedes their ability to detect the presence of malware and ransomware, prevent data exfiltration, block phishing attempts, address AI-driven attacks, and more.

Why is granular control over decryption policies beneficial to security teams?

Granular decryption policies let security teams selectively decrypt and inspect high-risk traffic while exempting sensitive or trusted communications. This improves threat detection, reduces privacy concerns, and helps maintain compliance, while minimizing performance and operational impacts. Features like category–based decryption simplifies the task of imposing strict inspection policies on higher-risk categories even as other categories can be bypassed to comply with data handling regulations.

How does support for SSL Visibility enhance decrypted traffic inspection?

SSL Visibility centralizes decryption and re-encryption. This reduces processing demands on security tools, increases throughput, lowers latency, supports consistent policy enforcement, and enables organizations to inspect growing volumes of encrypted traffic efficiently. With its support for SSL Visibility, the Symantec SSP S620 makes it possible to offload the resource-intensive task of decryption, sending decrypted traffic to all your security tools – enabling extensive visibility without sacrificing throughput. “Decrypt once - feed many.”