Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Don_Paterson
Advisor

JA3

Anyone know anything about Check Point maybe working with JA3 yet, or plans around this?

References:

A new method of TLS fingerprinting was recently put together called JA3. Rather than simply looking at the certificate used, JA3 parses multiple fields set in the TLS client hello packet sent over during the SSL handshake. The resulting fingerprint can then be used to identify, log, alert and/or block specific traffic.

JA3 looks at the client hello packet in the SSL handshake to in order to gather the SSL version and list of supported ciphers. If supported by the client, it will also use all supported SSL extensions, all supported Elliptic Curves, and finally the Elliptic Curve Point Format. 

GitHub - salesforce/ja3: JA3 is a standard for creating SSL client fingerprints in an easy to produc... 

2 Replies
PhoneBoy
Admin
Admin

Personally not familiar with us using it, but definitely worth tracking.

0 Kudos
donat5
Explorer

Do you have any idea if CheckPoint is even considering this technology?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events