How you can detect TLS/SSL encrypted command and control traffic?

How you can detect TLS/SSL encrypted command and control traffic?

Answer:

1. Perform decryption and inspection of TLS/SSL traffic.
2. Perform analysis of the Netflow data to detect anomalous TLS/SSL flows.

Learn More :

Share this

Share on FacebookPlus on Google+