Nubeva: TLS Decrypted Visibility for Azure
Nubeva offers a new method for TLS decryption to enable full packet inspection of network traffic for the modern era.
Nubeva Session Key Intercept (SKI) is an enterprise-class, production-grade system for extracting TLS session secretes from every TLS session between clients and server endpoints, forwarding those keys securely passive or inline decryption systems for inspection. SKI enables real-time, multi-destination, decentralized decryption of mirrored, captured, or streaming traffic. With Nubeva, you no longer need to rely on slow and expensive MITM, TLS termination, and replay mechanisms to get at the symmetric encryption keys. Discover and deliver symmetric keys to your chosen systems before the first packet even arrives and enable decrypted visibility at line speed - keys are destroyed once decryption is complete.
Nubeva allows DevOps, NetOps, and security teams to conduct deep packet inspection for security, compliance, application monitoring. Nubeva restores visibility to out-of-band detection and inspection systems broken by modern encryption and enhances inline systems relying on complicated and resource-intensive decryption techniques.
Nubeva Decrypts TLS 1.2 with Perfect Forward Secrecy and TLS 1.3 allows you to see and inspect pinned traffic, decrypt 3rd party SaaS, API, and infrastructure traffic, and decrypt traffic from modern compute environments in the Azure cloud, including container and Kubernetes environments.
Nubeva's SKI architecture is an evolved, flexible and universal method for TLS decryption. SKI offers a superior decryption feature to replace or augment proxy-based decryption techniques and re-enable passive systems.
Nubeva's SKI enables high-speed, low latency decryption at a fraction of the overhead of MITM methods - enabling full network visibility at a fraction of the cost while maintaining end-to-end security with no changes to handshake, PKI or key exchanges.
Nubeva SKI is flexible, easy to deploy and has low maintenance. Our instant-on, non-disruptive sensor works with virtually all cloud packet capture systems including Azure VTAP’s, private third-party agents, and with leading monitoring and analysis systems.