Quote:
Originally Posted by zx10guy
The tools available to track activity of what a user does on their terminal can get very specific. Having worked around various security projects, it's scary the kind of information that can be captured without even the user knowing it.
|
Using deep packet inspection also essentially acts as a middle man to decrypt every encrypted packet going in or out. Many security people now do not recommend this practice due to potential vulnerabilities but with more and more traffic being encrypted, it’s still one of the better ways to determine if company or other sensitive data is being exfilled. Pretty much transparent to the user.