12 Days of Defense - Day 8: How Encrypted SNI works (and How It Will Blind Your Security Team)

Important 2021 Update - ESNI has been removed from Firefox in version 85.0+ in favor of the ECH standard instead. See my new video for a follow up -    • How the Encrypted Client Hello TLS Extensi...   ------------------------------ Is ESNI going to ruin your day? Check out this video to see how it works and find out why it may be the final blow that forces your organization to adopt TLS interception and decryption. For additional context on this video, be sure to watch Day 7 on TLS1.3 and Day 6 on DoH. Visit encryptedsni.com to test your browser for ESNI compatibility. === My SANS Courses: SEC450 - Blue Team Fundamentals: https://sans.org/sec450 MGT551 - Building and Leading Security Operations Centers: https://sans.org/mgt551 PDF Guide to Security Operations: https://www.sans.org/security-resourc... Blueprint Podcast: https://sans.org/blueprint-podcast Twitter:   / sechubb  

Join Today
12 Days of Defense - Day 9: How to Analyze HTTP Traffic in Wireshark
▶︎

12 Days of Defense - Day 9: How to Analyze HTTP Traffic in Wireshark

12 Days of Defense - Day 4: How to Analyze Email Headers and How Spoofed Email Works
▶︎

12 Days of Defense - Day 4: How to Analyze Email Headers and How Spoofed Email Works

How the Encrypted Client Hello TLS Extension (ECH) Works (and How it Impacts Security Operations)
▶︎

How the Encrypted Client Hello TLS Extension (ECH) Works (and How it Impacts Security Operations)

12 Days of Defense - Day 1: PDF and Office Doc Malware IOC Extraction
▶︎

12 Days of Defense - Day 1: PDF and Office Doc Malware IOC Extraction

12 Days of Defense - Day 5: How Windows Security Logging Works
▶︎

12 Days of Defense - Day 5: How Windows Security Logging Works

How Hackers Crack Every Single Game!
▶︎

How Hackers Crack Every Single Game!

China’s Secret | The Most Unbelievable Megaprojects in China | 4K Travel Documentary
▶︎

China’s Secret | The Most Unbelievable Megaprojects in China | 4K Travel Documentary

Bypassing Firewalls with DNS Tunnelling (Defence Evasion, Exfiltration and Command & Control)
▶︎

Bypassing Firewalls with DNS Tunnelling (Defence Evasion, Exfiltration and Command & Control)

12 Days of Defense - Day 10: How to Analyze HTTP/2 Traffic in Wireshark
▶︎

12 Days of Defense - Day 10: How to Analyze HTTP/2 Traffic in Wireshark

Passkeys Explained: Are They Actually Better Than Passwords?
▶︎

Passkeys Explained: Are They Actually Better Than Passwords?

World's Deadliest Computer Virus: WannaCry
▶︎

World's Deadliest Computer Virus: WannaCry

SOC Analyst Skills - 4 "Must Have" Tools for Triaging and Analyzing Malware
▶︎

SOC Analyst Skills - 4 "Must Have" Tools for Triaging and Analyzing Malware

12 Days of Defense - Day 3: How the SOC Works (Security Monitoring Tools and Architecture)
▶︎

12 Days of Defense - Day 3: How the SOC Works (Security Monitoring Tools and Architecture)

How hackers steal passwords with Wireshark
▶︎

How hackers steal passwords with Wireshark

Investigating Malware Using Memory Forensics - A Practical Approach
▶︎

Investigating Malware Using Memory Forensics - A Practical Approach

12 Days of Defense - Day 6: How DNS over HTTPS (DoH) Works / DNS Privacy
▶︎

12 Days of Defense - Day 6: How DNS over HTTPS (DoH) Works / DNS Privacy

12 Days of Defense - Day 11: Prioritizing Detection with MITRE ATT&CK Navigator
▶︎

12 Days of Defense - Day 11: Prioritizing Detection with MITRE ATT&CK Navigator

16 secs to break it! 😱 70% of real world WiFi networks owned!
▶︎

16 secs to break it! 😱 70% of real world WiFi networks owned!

Something is jamming GPS over Europe. Here's what we found
▶︎

Something is jamming GPS over Europe. Here's what we found