Cloud visibility and analytics company Gigamon Inc. today announced new cybersecurity innovations to its Deep Observability Pipeline with the release of its GigaVUE 6.4 software.

The release includes the debut of Gigamon Precyption, a new feature that the company says will enable information technology and security organizations to gain unobscured visibility into encrypted traffic across virtual machine or container workloads. With the new visibility, it adds, users can efficiently conduct advanced threat detection, investigation and response across hybrid cloud infrastructures.

With the release, Gigamon says, it’s helping IT organizations eliminate blind spots by shining a spotlight on this previously concealed threat activity inside encrypted traffic, reinforcing a strong foundation for zero trust.

The release is focused on encrypted data. A recent Gigamon survey found that more than 70% of IT and security leaders admit that they don’t inspect encrypted data flowing across their hybrid cloud infrastructure. Gigamon argues that not doing so presents a grave risk because malware threats cannot be detected by security and monitoring tools alone as encrypted data traverses internally, externally or laterally across an organization.

Gigamon’s Precryption technology is designed to reveal previously concealed threat activity, including lateral movement, malware distribution and data exfiltration inside virtual, cloud and container applications. The service leverages eBPF technology inside the Linux kernel to deliver plaintext visibility, capturing traffic before encryption or after decryption.

With Precryption, no keys need to be intercepted or sniffed and no expensive decryption is required. The service also runs independently of the application, avoiding operational challenges that are typical of classic agent-based approaches. Key features include the ability for information security, network and cloud operations teams to gain full visibility into encrypted traffic across virtual machine or container workloads.

The service supports organizations with personally identifiable information by masking the traffic from view to maintain data security, compliance and governance, according to the company. The service has been designed to reduce the operational complexity associated with decryption by eliminating cumbersome private key management for key sharing, passing and library updates. It also offloads decryption overhead from cloud, security and observability tools, greatly boosting their capacity and performance, Gigamon says.

“As cloud adoption accelerates across an expanding number of private and public platforms, organizations must also address the escalating risks of threat activity concealed within encrypted traffic,” Chief Product Officer Michael Dickman said ahead of the release. “With Gigamon Precryption technology, we’re turning the tables on cybercriminals by bringing deep observability to encrypted traffic, allowing customers to dramatically improve their security posture across any number of clouds and workloads, without any burden on developers.”

Image: Gigamon