TLS
![Secure DNS](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
The Importance Of Secure DNS In Enterprise Security Strategy
In today’s hyper-connected world, with the proliferation of applications and devices, has transformed the way we interact with the internet. From the rise in applications across cloud and containers, connected IoT devices ...
![PolarProxy TLS Firewall - block malicious, inspect suspicious, bypass legitimate](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
PolarProxy 1.0 Released
I am thrilled to announce the release of PolarProxy version 1.0 today! Several bugs that affected performance, stability and memory usage have now been resolved in our TLS inspection proxy. PolarProxy has ...
![TLS, certificates, Venafi, Preparation for TLS v1.3](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Venafi Launches 90-Day TLS Certificate Renewal Initiative
Venafi today launched an initiative to help organizations prepare to implement and manage certificates based on the Transport Layer Security (TLS) protocol ...
![spiral frame windows thumb](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
The Added Value of SNI-Only Mode in Imperva Cloud WAF
Imperva has modified the default behavior for new cloud WAF sites, now enforcing Server Name Indication (SNI)-only traffic by default. This shift is aimed at optimizing the utilization of TLS-related features, both ...
![Infoblox certificates Datadog Web3 DNSSEC OPSWAT web application security](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Digital Certificates Riddled With Security Weaknesses
A study published today found 79% of certificates on the internet are vulnerable to man-in-the-middle (MitM) attacks, with as many as 10% expired or self-signed (15%) in a way that is considered ...
![PolarProxy TLS redirect](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
TLS Redirection and Dynamic Decryption Bypass in PolarProxy
PolarProxy is constantly being updated with new features, enhanced performance and bug fixes, but these updates are not always communicated other than as a short mention in the ChangeLog. I would therefore ...
An Untrustworthy TLS Certificate in Browsers
The major browsers natively trust a whole bunch of certificate authorities, and some of them are really sketchy: Google’s Chrome, Apple’s Safari, nonprofit Firefox and others allow the company, TrustCor Systems, to ...
![CapLoader 1.9.4](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
CapLoader 1.9.4 Released
A new version of our advanced PCAP filtering tool CapLoader was released today. The new CapLoader 1.9.4 release includes features like JA3 hash extraction from TLS traffic and a fantastic thing called ...
![Russia Force-Feeds new, ‘Trusted’ CA—Yeah, RIGHT](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Russia Force-Feeds new, ‘Trusted’ CA—Yeah, RIGHT
Websites in Russia can’t renew their TLS/HTTPS certs. Moscow’s solution is to create a new certificate authority. But the man-in-the-middle threat should be obvious ...
![Images extracted from decrypted HTTP/2 traffic shown in NetworkMiner](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
PolarProxy in Windows Sandbox
In this video I demonstrate how PolarProxy can be run in a Windows Sandbox to intercept and decrypt outgoing TLS communication. This setup can be used to inspect otherwise encrypted traffic from ...