Completed
TLS Fingerprinting: False Positives and Evasion
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
The Network Is Going Dark - Why Decryption Matters for SecOps
Automatically move to the next video in the Classroom when playback concludes
- 1 Introduction
- 2 Encryption Trend
- 3 TLS 1.3 Is Here
- 4 TLS 1.3 Highlights
- 5 TLS 1.3 Handshake
- 6 Why Network Detection?
- 7 North-South vs. East-West
- 8 X.509 Certificate
- 9 North-South Visibility: HTTPS (TLS 1.2) + DOH
- 10 Page-Load Fingerprints
- 11 TLS Fingerprinting Overview: JA3 and JA3S
- 12 TLS Fingerprinting: False Positives and Evasion
- 13 Traffic Analysis Overview
- 14 Cisco Encrypted Traffic Analysis
- 15 Network Detection: Better with Plaintext
- 16 Perfect Forward Secrecy Overview
- 17 PFS Adoption: 2013 - 2020
- 18 SSL/TLS Interception: "Break-and-Inspect"
- 19 SSL/TLS Interception: Secure Access Service Edge (SASE)
- 20 SSL/TLS Interception: Potential Weaknesses
- 21 SSL/TLS Interception: Trend
- 22 SSL/TLS Termination & Re-encryption
- 23 Out-of-band Analysis & Forensics PF5 breaks out-of-band network analysis and packet capture that needs to perform decryption for analysis
- 24 Out-of-band Analysis: TLS Downgrade
- 25 Out-of-band Analysis: Session Key Forwarding
- 26 Recommended Next Steps
- 27 Decrypting PFS at Fiserv
- 28 Apply / Next Steps