What is SSL and why is it not enough when it comes to encryption?

SSL is identity verification, not hard encryption. it’s designed to be able to prove that the person you’re engaging on the other side is who they say they are. SSL and TLS are each used by almost everyone  online, however because of this it is a huge target and is mainly attacked through its implementation (The Heartbleed bug for example) and its far-famed methodology.