This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Don_Paterson
Advisor
Advisor
‎2018-11-20 08:42 AM

JA3

Anyone know anything about Check Point maybe working with JA3 yet, or plans around this?

References:

A new method of TLS fingerprinting was recently put together called JA3. Rather than simply looking at the certificate used, JA3 parses multiple fields set in the TLS client hello packet sent over during the SSL handshake. The resulting fingerprint can then be used to identify, log, alert and/or block specific traffic.

JA3 looks at the client hello packet in the SSL handshake to in order to gather the SSL version and list of supported ciphers. If supported by the client, it will also use all supported SSL extensions, all supported Elliptic Curves, and finally the Elliptic Curve Point Format. 

GitHub - salesforce/ja3: JA3 is a standard for creating SSL client fingerprints in an easy to produc... 

2 Replies
PhoneBoy
Admin
Admin
‎2018-11-20 11:12 AM

Personally not familiar with us using it, but definitely worth tracking.

0 Kudos
donat5
Explorer
‎2019-06-10 07:34 AM
In response to PhoneBoy

Do you have any idea if CheckPoint is even considering this technology?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top