惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

W
WeLiveSecurity
博客园 - 【当耐特】
Microsoft Azure Blog
Microsoft Azure Blog
WordPress大学
WordPress大学
Stack Overflow Blog
Stack Overflow Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
IT之家
IT之家
Cloudbric
Cloudbric
The Register - Security
The Register - Security
小众软件
小众软件
PCI Perspectives
PCI Perspectives
G
Google Developers Blog
AI
AI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Google DeepMind News
Google DeepMind News
Google DeepMind News
Google DeepMind News
宝玉的分享
宝玉的分享
Recent Commits to openclaw:main
Recent Commits to openclaw:main
量子位
TaoSecurity Blog
TaoSecurity Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
F
Full Disclosure
N
Netflix TechBlog - Medium
博客园_首页
Last Week in AI
Last Week in AI
A
Arctic Wolf
B
Blog RSS Feed
J
Java Code Geeks
C
Cybersecurity and Infrastructure Security Agency CISA
I
InfoQ
aimingoo的专栏
aimingoo的专栏
云风的 BLOG
云风的 BLOG
NISL@THU
NISL@THU
MyScale Blog
MyScale Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Jina AI
Jina AI
有赞技术团队
有赞技术团队
S
Schneier on Security
L
Lohrmann on Cybersecurity
P
Privacy & Cybersecurity Law Blog
T
Threat Research - Cisco Blogs
P
Palo Alto Networks Blog
S
Security @ Cisco Blogs
Security Archives - TechRepublic
Security Archives - TechRepublic
Security Latest
Security Latest
Vercel News
Vercel News
博客园 - 司徒正美
Webroot Blog
Webroot Blog
Hacker News: Ask HN
Hacker News: Ask HN
A
About on SuperTechFans

SECURITY.COM

Spirals: New Stealthy Ransomware Deployed Against Asian IT Company Daxin Returns: Stealthy Malware Resurfaces in Taiwan Alongside a New Backdoor The Detection Gap: MITRE ATT&CK T1140 and T1105 Humble Brag: Symantec® Data Center Security Achieves Common Criteria Certification GodDamn Ransomware: Latest Beast Rebrand Uses Malicious Driver to Disable Defenses Tips to Harden Your Air Gapped Environments AV-TEST Gives Symantec® Endpoint Security Complete a Perfect Score The BYOVD Epidemic: How Attackers Are Weaponizing Trusted Windows Drivers to Kill Security 🎙️SECURITY.COM The Podcast: The Parasite in the Machine: Unmasking the Speagle Infostealer Your DLP Incident Backlog Owes You Closure Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker 5 Reasons Symantec® CBX Delivers Total Endpoint Visibility 8 XDR Questions From the Show Floor Another Year, Another Win: SE Labs® Recognizes Symantec® Endpoint Security Hidden in Teams: DragonForce Attackers Weaponize Microsoft Teams Relays to Stay Hidden Locking Down the Server 🎙️SECURITY.COM The Podcast: The Death of SIEM Threats Rise on a Tide of Global Unrest When Nation-States Stop Caring About Size Espionage Campaign Targeted Stock Exchange Executive for Five Months Data Security Is Having A Moment 5 Ways XDR Helps SOCs Act Faster 🎙️SECURITY.COM The Podcast: The Evolution of Cybersecurity PR with W2 Communications The Maximalism Trap: When More Becomes Too Much Symantec DLP Cloud and DPSM are the Power Couple Security Strategists Need Symantec DLP Cloud and DSPM are the Power Couple Security Strategists Need The Future of the Partnership: AI, Automation, and Ecosystems Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations 🎙️SECURITY.COM The Podcast: Iran’s Cyber Warfare Playbook: What Defenders Need to Know Right Now 5 Ways To Keep AI in Check Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign Doing More with Less: How Government Agencies are Rethinking Cybersecurity Navigating Compliance and Insurance as a Competitive Edge Is SIEM Trying to Do Too Much? Every Defender Deserves Frontier AI The New Partner-Vendor Relationship DLP Made Easier on the Teams Running It The EU Digital Wallet: Why Waiting is Not an Option Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft Stopping Data Leaks at the Speed of AI Harvester: APT Group Expands Toolset With New GoGra Linux Backdoor How AI Increases the Load on Security Teams Web Traffic Visibility is the New Non-Negotiable The Agentic AI Tsunami is Here: Is Your Legacy IAM Sinking or Swimming? Technical Enablement vs. Marketing Noise Enterprise-Grade Security for All in 2026 Architecting for Margin Beyond the Initial Sale 🎙️SECURITY.COM The Podcast: A Brief History of Data Loss Prevention Symantec CBX Through the Paparazzi Lens The U.S. Navy’s Playbook for Cost-Controlled, Reliable Cybersecurity The Modern Threat Landscape and The Partner’s New Burden Symantec CBX Rocked RSAC 2026 Conference For Financial Services, a Wake-Up Call for Reclaiming IAM Control The Next Identity Shift Cyber Legends: Behind the Scenes of CBX Built for This Moment (and All Those to Come)
The Visibility Challenge Nobody Asked For
About the Author · 2026-07-03 · via SECURITY.COM

Encryption is the bedrock of digital trust. It protects our financial transactions, secures our private conversations, and ensures data integrity across the web. 

For security professionals, encryption creates a different challenge. The very technology designed to protect users and data is commonly leveraged by adversaries to hide their most damaging activities.

A growing number of attacks are malware-free, highlighting attackers’ use of valid credentials, trusted services, and authorized pathways to evade traditional security controls. With more than 95% of web traffic now encrypted, security teams need visibility into the channels where modern, AI-driven threats operate—because you can’t stop what you can’t see.

Why old tradeoffs no longer work

SSL/TLS inspection is not a new concept. Security veterans remember the early days of "man-in-the-middle" proxies that often caused more headaches than they solved—slowing down network speeds and breaking applications. Historically, many organizations chose to bypass inspection simply to keep the business running, accepting the risk to avoid the "performance tax” that came with inspecting encrypted traffic.

A tradeoff that is becoming increasingly difficult to justify. When encrypted traffic represents the overwhelming majority of network activity, bypassing inspection means creating visibility gaps that span entire environments.

Given the performance and cost hit that full traffic decryption and inspection can bring, many security vendors offer low-cost solutions that simply bypass encrypted traffic. This leaves a blind spot that many simply overlook, or don’t even know about.

At Symantec, we have spent decades refining transparent proxying and encrypted traffic inspection. Our Edge SWG and SSL Visibility (SSLV) appliance solutions were built to handle decryption without the performance degradation that’s historically limited adoption.

Inspecting traffic in a TLS 1.3 world 

As TLS 1.3 has become the standard, the complexity of inspection has shifted. The protocol's improved privacy features make passive sniffing impossible, requiring active, high-performance proxying to maintain visibility. 

This is where Symantec’s legacy becomes a critical advantage. We didn't build our decryption engine as an afterthought. We built it as a dedicated, high-speed security architecture.

Our approach ensures decrypted traffic can be shared across the broader security stack. By decrypting once and feeding clear-text data to your Secure Web Gateway (SWG), Data Loss Prevention (DLP), IDS/IPS, firewalls, network traffic analysis, security analytics, and sandboxes, organizations can eliminate the need for redundant decryption cycles that create latency and complexity.

Scaling encrypted traffic inspection with Symantec SSP S620

Encrypted traffic volumes continue to grow, and organizations need inspection technologies that can keep pace. The Symantec SSP S620 appliance provides just that, thanks to its recently added support for SSL Visibility. 

This latest enhancement extends the scale and performance of the SSL Visibility Appliance, helping organizations maintain visibility without sacrificing throughput.  

The S620 appliance delivers up to 1.75x greater aggregated performance than previous models in a significantly smaller 1RU footprint. By offloading the resource-intensive task of decryption, organizations extend the value of their existing security stack while improving visibility into encrypted traffic.

For security teams, this means more capacity to inspect encrypted traffic without sacrificing performance or adding unnecessary infrastructure—greater inspection capacity, without the complexity.

Balancing inspection and compliance

Visibility must coexist with compliance. With regulations like GDPR and HIPAA, a "decrypt everything" policy is not only risky—it could be a violation of privacy standards.

Recent analyst insights show that 69% of professionals still face significant challenges around tool visibility and cloud configuration gaps.

Symantec’s policy engine allows for granular, category-based decryption. Organizations can automatically inspect higher-risk categories such as "Uncategorized" or "File Sharing" sites while simultaneously bypassing categories like "Financial Services" or "Healthcare" to support compliance requirements. 

Keeping pace with encrypted traffic

Encryption without inspection is an invitation to the adversary. 

In 2026, the question is no longer whether you should inspect SSL/TLS traffic, but how. And just as important: How can you inspect that traffic at scale without compromising privacy or performance?

Symantec has spent decades solving this exact challenge. Continuous enhancements on the SSP S620 extend the scale and performance of the SSL Visibility Appliance to meet the demands of today’s modern threat landscape.

With these new enhancements to the Symantec SSP S620, we’re offering the ability to see clearly in a world that is increasingly dark. It’s time to reclaim control of your network security with a clear view.

Explore the updated SSL Visibility Appliance product brief to learn how the latest SSP S620 enhancements deliver greater scale and performance. Or better yet? Connect with your in-region expert to speak with a human.

Q&A: The need to inspect encrypted SSL/TLS traffic

Why is it important to be able to inspect encrypted traffic?

Inspecting encrypted SSL/TLS traffic is critical because most internet traffic is now encrypted, and attackers know that encryption can hide their activities just as effectively as it protects legitimate users. Without the ability to inspect encrypted traffic, security teams are essentially blind to a large portion of network activity. This impedes their ability to detect the presence of malware and ransomware, prevent data exfiltration, block phishing attempts, address AI-driven attacks, and more.

Why is granular control over decryption policies beneficial to security teams?

Granular decryption policies let security teams selectively decrypt and inspect high-risk traffic while exempting sensitive or trusted communications. This improves threat detection, reduces privacy concerns, and helps maintain compliance, while minimizing performance and operational impacts. Features like category–based decryption simplifies the task of imposing strict inspection policies on higher-risk categories even as other categories can be bypassed to comply with data handling regulations.

How does support for SSL Visibility enhance decrypted traffic inspection?

SSL Visibility centralizes decryption and re-encryption. This reduces processing demands on security tools, increases throughput, lowers latency, supports consistent policy enforcement, and enables organizations to inspect growing volumes of encrypted traffic efficiently. With its support for SSL Visibility, the Symantec SSP S620 makes it possible to offload the resource-intensive task of decryption, sending decrypted traffic to all your security tools – enabling extensive visibility without sacrificing throughput. “Decrypt once - feed many.”