Blue Coat Systems is a large network and cloud security company who counts many of the world's most important companies as its clients. Among its product offerings are a range of appliances collectively called the Advanced Threat Protection suite, which include a standalone SSL man-in-the-middle decryption device known as SSL Visibility (SSL-V). Both the company and this particular product have been much maligned, but SSL-V has become a vital and important tool in the incident responder kit. This presentation will attempt to bring clarity to the many misconceptions about SSL Visibility, including how it works, what it can and can't do, and why SSL-V isn't as scary as some people make it out to be.
Andrew Brandt (Spike) is the Director of Threat Research at Blue Coat Systems. He is a former editor and columnist for a large consumer tech publication and Internet privacy expert who found his way into the world of malware analysis and network forensics from investigative journalism. In his day job, he infects computers with malware in order to observe their behavior and retrospectively learn about the communications methods and control networks criminals use to manage infected hosts. @threatresearch