TLS can cause problems for security teams, breaking TLS or ignoring TLS are common modus operandi, both are flawed and expose organizations to weaknesses. This session focusses on the management of TLS from a blue team perspective, without either ignoring or breaking TLS implementations.
We will discuss specific tooling, FingerPrinTLS and TLSProxy will be the primary focus, how to configure and deploy them in the real world, application architecture, considerations and demonstrations.