In this segment of TLS Decryption In Action Series we take a look at secure decryption of TLS/SSL decryption of traffic with Pinned Certificates. Certificate pinning prevents man-in-the-middle devices and proxy-based interception from decrypting modern TLS traffic. With the introduction of PFS-based decryption, out-of-band key re-generation is not possible as there is no access to the certificate from the application, in this case Dropbox. This leaves teams and tools blind.
In this video, Nubeva shows how our new, state of the art approach, enables teams and tools to gain decrypted visibility even when pinned certificates are in play/