[Bro] Bro Digest, Vol 146, Issue 6
Poore, Jeffrey S
jeffrey.s.poore at bankofamerica.com
Tue Jun 5 12:12:56 PDT 2018
> It installs a common and trusted by the browser SSL cert and acts as a man
> in the middle, decrypting and re-encrypting to the destination.
We do this for most traffic from regular user laptops and desktops, but there is always the possibility that someone will try to bypass our proxy. We also have stuff that we can't monitor like that because it contains sensitive info that needs to be secure end-to-end. That isn't to say though that we can't have traffic that is routed to a locked down secure zone that users can't access and analyzed there. The platform to do that will naturally also have masking built in so that sensitive information is scrubbed before any of it is persisted anywhere.
----------------------------------------------------------------------
This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.
More information about the Bro
mailing list