The Network Is Going Dark - Why Decryption Matters for SecOps

The Network Is Going Dark - Why Decryption Matters for SecOps

RSA Conference via YouTube Direct link

TLS Fingerprinting: False Positives and Evasion

12 of 28

12 of 28

TLS Fingerprinting: False Positives and Evasion

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

The Network Is Going Dark - Why Decryption Matters for SecOps

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Introduction
  2. 2 Encryption Trend
  3. 3 TLS 1.3 Is Here
  4. 4 TLS 1.3 Highlights
  5. 5 TLS 1.3 Handshake
  6. 6 Why Network Detection?
  7. 7 North-South vs. East-West
  8. 8 X.509 Certificate
  9. 9 North-South Visibility: HTTPS (TLS 1.2) + DOH
  10. 10 Page-Load Fingerprints
  11. 11 TLS Fingerprinting Overview: JA3 and JA3S
  12. 12 TLS Fingerprinting: False Positives and Evasion
  13. 13 Traffic Analysis Overview
  14. 14 Cisco Encrypted Traffic Analysis
  15. 15 Network Detection: Better with Plaintext
  16. 16 Perfect Forward Secrecy Overview
  17. 17 PFS Adoption: 2013 - 2020
  18. 18 SSL/TLS Interception: "Break-and-Inspect"
  19. 19 SSL/TLS Interception: Secure Access Service Edge (SASE)
  20. 20 SSL/TLS Interception: Potential Weaknesses
  21. 21 SSL/TLS Interception: Trend
  22. 22 SSL/TLS Termination & Re-encryption
  23. 23 Out-of-band Analysis & Forensics PF5 breaks out-of-band network analysis and packet capture that needs to perform decryption for analysis
  24. 24 Out-of-band Analysis: TLS Downgrade
  25. 25 Out-of-band Analysis: Session Key Forwarding
  26. 26 Recommended Next Steps
  27. 27 Decrypting PFS at Fiserv
  28. 28 Apply / Next Steps

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.