You know, this reminds me of the time I had to deal with a legacy application that used a hardcoded SSL certificate. Talk about a nightmare! I ended up just throwing the whole thing in the trash and starting over. But I digress, I think the best solution here is to add an exception to the steering config.
Blocking the traffic with pinned certificates is just going to cause a lot of headaches for the end users. Why not just allow the domains in an inline policy? That way, we can still inspect the traffic and maintain control without disrupting the applications.
I disagree. I think the best approach is to add the domains used by the certificate-pinned applications to the authentication bypass list. That way, we don't have to worry about the pinned certificates at all, and the traffic can flow freely.
This is a tricky one. The correct answer really depends on how the organization wants to handle certificate-pinned traffic. Personally, I think adding an exception to the steering configuration makes the most sense, as it allows the traffic to flow while still maintaining security controls.
Noah
6 months agoChanel
6 months agoIsadora
6 months agoMartin
7 months agoRose
7 months agoSlyvia
7 months agoHildred
8 months agoJeniffer
8 months agoRoxanne
8 months agoSantos
8 months agoJerry
7 months agoBrittni
7 months agoVi
8 months agoMarjory
8 months agoJohnna
8 months agoMadonna
8 months agoKarma
8 months ago