Develop invaluable cybersecurity skills through interactive training during SANS 2021 - Live Online. Register now.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Decrypt all the Things: How Encryption is Impacting Network-Based Security Controls

  • Wednesday, August 19, 2020 at 3:30 PM EDT (2020-08-19 19:30:00 UTC)
  • Eric Conrad

You can now attend the webcast using your mobile device!



The Internet is increasingly encrypted: over 80% of web pages now load via HTTPS. Firefox has enabled DoH (DNS over HTTPS) in the United States. And TLS 1.3 requires Perfect Forward Secrecy, making passive decryption more challenging. The same encryption that protects the privacy of your online banking data also shields malware from discovery. Where does that leave our classic network-based security controls such as Intrusion Detection Systems and proxies?

In this webcast, SANS Fellow Eric Conrad will discuss the state of Internet encryption, and will provide methods for detecting malware that spreads and communicates via encrypted channels. He will also provide practical steps for analyzing and decrypting TLS, including decrypting TLS 1.3.

Speaker Bio

Eric Conrad

Certified SANS instructor Eric Conrad's career began in 1991 as a Unix sysadmin for a small oceanographic communications company. He gained experience in a variety of industries, including research, education, power, Internet, and healthcare, and has worked with companies such as Mitsubishi Electric Research Labs, Boston University, The Open Group, Navipath, and Caritas Christi Health Care. He is now an independent information security consultant focusing on intrusion detection, incident handling, and penetration testing. He is a graduate of the SANS Technology Institute with a Master of Science degree in information security engineering. In addition to the CISSP, he holds the prestigious GIAC Security Expert (GSE) certification as well as the GIAC GPEN, GCIH, GCIA, GCFA, GAWN, and GSEC certifications. He is a contributing author to SANS HIPAA Security Implementation. Eric also blogs about information security at

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.