Barac’s Encrypted traffic visibility (ETV) platform inspects all network traffic for malicious threats in real time without needing to decrypt it. Barac uses its collector to retrieve the metadata of all network traffic to be analysed without the need for decryption. The analysis is achieved through the use of Machine learning algorithms that look at over 200 different metrics (DNS, certificate locations, etc…) and reconstitute the packet sequence using said metrics, giving each analysed sequence a risk score, should that score pass the threshold set by the client company it will be flagged and sent to the relevant SIEM/SOC as an alert. The fact that all of this can be done without the need to decrypt the data means Barac’s platform remains compliant with all regulations and also supports TLS 1.3 encryption as no sessions are decrypted.
Each individual encrypted session setup is calculated allowing for complete correlation and comparison of new setups. The ETV platform look for changes within the connection parameters within each individual session. By understanding the known behaviour, the ETV platform highlights the level of risk of each anomaly detected based on the 200 indicators.