JA3 is a popular method to fingerprint TLS connections used by many monitoring tools and IDSs. JA3 focuses on encryption options specified during TLS connection setup to fingerprint the encryption library used by the application. Image courtesy of Cisco So in essence the same JA3 fingerprint will match multiple applications, making JA3 unreliable (when used […]