This post has been de-listed
It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.
I was reading Cloudflare's "A Roadmap to Zero Trust Architecture" and one of the steps is to block/isolate threats behind SSL/TLS, with the summary reading:
"Some threats are hidden behind SSL and cannot be blocked through only HTTPS inspection. To further protect users, TLS decryption should be leveraged to further protect users from threats behind SSL."
But I'm confused by the distinction between HTTPS inspection and TLS decryption, as I understand them to be one and the same, just with differnt wordings/names. My understanding is that HTTPS is the secure protocol for data transfer, while TLS is the security protocol for making HTTP Secure (HTTPS), but I'm struggling with this distinction of HTTPS inspection vs TLS decryption.
Subreddit
Post Details
- Posted
- 4 months ago
- Reddit URL
- View post on reddit.com
- External URL
- reddit.com/r/AskNetsec/c...