relaymonkey • 2 HN points • 14 Apr 23
- Be cautious of the information exposed in TLS/SSL certificates, as it can significantly expand the attack surface for malicious actors.
- Utilizing tools like Simple Hostname Discovery (SHD) can help identify potential security risks in the SAN field of certificates.
- Prevent misuse of the SAN field in certificates by using dedicated certificates for each hostname, rotating certificates regularly, and implementing SSL certificate pinning for mobile applications.