Identity

First Look: Barac ETV

With the increasing trend of business services and applications leveraging encryption as the leading method of securing data in transit, malicious actors have once again adapted by developing more sophisticated attacks that employ the same technology. By using encryption to mask activities, bad actors can evade detection at organizations that lack the ability to inspect encrypted traffic. One obvious way to mitigate this problem is to analyze encrypted traffic, which is a solution that comes with a price, including the expense of additional manpower, the reallocation of crucial network resources and the time required to investigate alarms.

To tackle this problem head on, the team at Barac (www.barac.io) developed Barac EVT (Encrypted Traffic Visibility). EVT is the next generation of encrypted threat detection. When connected to a standard network tap, it collects and analyzes data travelling through the network, providing real time detection of threats and attacks hidden within encrypted traffic. Analysis is conducted without decrypting source data and is achieved by using network TCP/IP and SSL metadata combined with machine learning and behavioral analytics. This approach allows EVT to detect known attack signatures and anomalous behavior, ultimately delivering a lightweight, accurate solution that increases an organization’s visibility while maintaining security and privacy. EVT successfully stops a variety of attacks including DDoS, XSS/SQL injection, man-in-the-middle, crypto-hacking, phishing, ransomware and data exfiltration.

Barac EVT is available as SaaS or on-premise offerings, is system agnostic, and can be installed and configured in as little as one day. Because of the vast volumes of data EVT processes, EVT requires a minimum of five virtual machines with 32GB of RAM and 16 cores to support the service. The VMs collect network traffic and send it to Barac’s main SaaS platform, where it is monitored for 150 known variations. The resident API allows organizations to complement SOC operations by sharing events, alerts, and other detailed information with a SIEM or console. EVT integrates with IBM Q-Radar, Splunk, LogRhythm, ArcSight, SolarWinds and other SIEM solutions.

What makes EVT unique is that it collects only the most significant data through its proprietary 1MB sensors, giving it a small footprint, which ultimately reduces bandwidth usage when compared to other encryption scanning technologies. The patent pending AI in EVT applies a combination of non-supervised and supervised learning to accurately detect 99.997 percent of all attacks and reduce false positives to 0.0006 percent. It also assists with compliance by validating encryption quality while providing visibility across the entire network infrastructure. EVT is PCI and GDPR compliant and is FIPS Level 3 validated.

The tools in EVT’s dashboard reduce the time required to identify and investigate infrastructure gaps and provides graph analytics that visualize the entire network. This approach helps analysts differentiate between normal and anomalous events by providing the hostnames and IPs of attackers. It also allows them to drill down into the details of questionable traffic. Attack details are summarized in an interactive attack map that correlates data threats by time, type, protocol, hostname, port, country of origin and other pertinent information to aid in forensic investigation.

Barac EVT is subscription based, offering one-, two- and three-year plans, priced per-end point per year. 24/7 support is included with the subscription.

Matthew McMurray

Product title
First Look: Barac ETV
Product info
Product: Barac ETV (Encrypted Traffic Visibility) Vendor: Barac Price: Subscription based on one-, two- or three-year plans, per-end point per year, price dependent on the total number of endpoints.
Strength
What it does: Detects the difference between authentic and potentially malicious encrypted traffic without the need to decrypt using a combination of data, metadata, and advanced A.I. in real time. What we liked: Provides accurate detection with a significant reduction in false positives, is easy to implement and manage, and maintains a small footprint.
Weakness
N/A
Verdict
The Bottom Line: Mitigates the increasing risk of complex cyber- attacks and malware hidden within encrypted traffic.

An In-Depth Guide to Identity

Get essential knowledge and practical strategies to fortify your identity security.

Related

Hacker of SEC’s X account sentenced after admitting guilt

After infiltrating the SEC's X account via SIM swapping conducted with the help of his co-conspirators, Council proceeded to post fraudulent information regarding the planned approval of cryptocurrency-containing exchange-traded funds, which resulted in a Bitcoin price spike, according to the Justice Department.

Reported UK-ordered iCloud encryption backdoor slammed

Implementation of a backdoor that would enable government access to Apple users' cloud storage data could set a precedent for authoritarian nation-states and threat actors, with Electronic Frontier Foundation's Thorin Klosowski noting the threat of a global emergency stemming from the secret order.

DeepSeek prohibited in New York government devices

Increasing concerns regarding the potential utilization of Chinese artificial intelligence platform DeepSeek for foreign government surveillance have prompted New York Gov. Kathy Hochul to ban the AI chatbot's usage across all state-issued devices just days after Texas Gov. Greg Abbott issued a similar prohibition for DeepSeek and Chinese-owned social media apps.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Basic AuthenticationBiometricsCertificate-Based AuthenticationChallenge-Handshake Authentication Protocol (CHAP)Digest AuthenticationDigital CertificateDiscretionary Access Control (DAC)

You can skip this ad in 5 seconds