Companies that use security products to inspect HTTPS traffic might inadvertently make their users’ encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S.

Computer Emergency Readiness Team warns.US-CERT, a division of the Department of Homeland Security, published an advisory after a recent survey showed that HTTPS inspection products don’t mirror the security attributes of the original connections between clients and servers.[ Expand your security career horizons with these essential certifications for smart security pros. | Discover how to secure your systems with InfoWorld’s Security Report newsletter. ]
HTTPS inspection checks the encrypted traffic coming from an HTTPS site to make sure it doesn’t contain threats or malware.
It’s performed by intercepting a client’s connection to an HTTPS server, establishing the connection on the client’s behalf and then re-encrypting the traffic sent to the client with a different, locally generated certificate. Products that do this essentially act as man-in-the-middle proxies.To read this article in full or to leave a comment, please click here

Leave a Reply