Why do NGFW's / Web Security apps talk so much about URL/Application filtering when 99% of companies don't SSL Decrypt?

This page summarizes the projects mentioned and recommended in the original post on /r/cybersecurity

  • sagan

    Sagan is a multi-threaded, high-performance log analysis engine. At its core, Sagan is similar to Suricata/Snort but with logs rather than network packets. (by quadrantsec)

  • Relating specifically to inbound traffic: Some architectures do HTTPS termination at the load balancer/reverse proxy. If the web application logs are aggregated in one place (or you're using a cloud WAF service), you can use Sagan to run Snort rules against the requests. It's a band-aid, but sometimes you have to make the most of the data you already have.

  • kilo

    Kilo is a multi-cloud network overlay built on WireGuard and designed for Kubernetes (k8s + wg = kg) (by squat)

  • Then using something like this: https://docs.tigera.io/calico-enterprise/latest/compliance/encrypt-cluster-pod-traffic#value or: https://github.com/squat/kilo

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
