Nubeva created a breakthrough approach to decryption. Symmetric Key Intercept is host-based discovery and delivery of the symmetric encryption keys used by all modern encryption systems, ciphers and protocols. Symmetric Key Intercept Architecture has four core elements:
Easy-to-Use Symmetric Key Intercept Simplifies Decryption and Enhances Visibility
Symmetric Key Discovery - TLS hello triggers Nubeva’s advanced, signature-based hunt rules. These key signatures let Nubeva’s read-only sensor quickly discover each session’s symmetric encryption key.
Symmetric Key Delivery - Symmetric encryption keys and session secrets are encrypted and securely sent – over your own network – to a decryptor destination or a Key Depot. The session traffic and the keys are never sent together, creating additional protection.
Pure, Symmetric Decryption: With the symmetric encryption keys already at your disposal, there is no need for old, slow and costly decryption mechanisms like MITM, handshake replay or early TLS termination. Decryptors receive the symmetric keys and can perform bulk decryption at line rate.
Nubeva restores visibility to out-of-band detection and inspection solutions. There is no need to be in the middle of a session. Instead, Symmetric Key Intercept discovers and delivers the final, symmetric encryption keys from the host to the passive tool enabling it to see all traffic including TLS 1.3, PFS and pinned certificates.
Nubeva augments and enhances inline systems by delivering the final symmetric encryption keys from the host to the inline system before the first packet even arrives. Inspect traffic you previously had to bypass. Restore peak performance of inline tools by eliminating the need for handshake replays and old decryption processes.
Nubeva creates visibility where none existed before and enables security tools and teams to see into areas they’ve never seen before. Nubeva discovers symmetric encryption keys from Kubernetes and containers, Intra-zone/VPC, high-speed connections, and Cloud and 3rd party API calls/connections.
Get decrypted visibility and eliminate legacy performance costs. Use existing tools to inspect and monitor all traffic at line speed.
Extend the ROI of your existing solutions. Enable pure, fast symmetric decryption with Nubeva and continue to use the tools, teams and processes in place.
Regardless of encryption protocol or cipher suite, the confidentiality of traffic and integrity of the session is preserved while legitimate availability is allowed and protected.