Showing results for 
Search instead for 
Did you mean: 
Create a Post


Anyone know anything about Check Point maybe working with JA3 yet, or plans around this?


A new method of TLS fingerprinting was recently put together called JA3. Rather than simply looking at the certificate used, JA3 parses multiple fields set in the TLS client hello packet sent over during the SSL handshake. The resulting fingerprint can then be used to identify, log, alert and/or block specific traffic.

JA3 looks at the client hello packet in the SSL handshake to in order to gather the SSL version and list of supported ciphers. If supported by the client, it will also use all supported SSL extensions, all supported Elliptic Curves, and finally the Elliptic Curve Point Format. 

GitHub - salesforce/ja3: JA3 is a standard for creating SSL client fingerprints in an easy to produc... 

2 Replies

Re: JA3

Personally not familiar with us using it, but definitely worth tracking.

0 Kudos

Re: JA3

Do you have any idea if CheckPoint is even considering this technology?

0 Kudos