Skip to main content

hi all!

   We’ve been having great difficulties with Applications that are sensitive to SSL decryption.  Namely Software developer tools.

    We have perhaps 2000 software devs, that could all potentially use a different dev tool, but many do use the same of course.  The issue is, the developers are either unwilling to help work with us to get the Netskope certs included into their application cert store, or they are unable to help us due to unknown OS type knowledge.

    We have been charged with doing whatever we can to avoid any individualized “one off” type protections on the dev’s individual systems, as something that could be “deployed” would be very much more desirable.

   We do have tamper protection enabled, so I know we’ll have to provide the NetSkope certs to whatever solution we find.

     We have a few of their packages with a solution, but it usually requires us working with the user to implement.  We also have some cert pinned apps setup, and a couple DND’s setup as well.  Of course, these are not as wanted as allowing their application to use the netskope certs for obvious reasons.

    I’ve looked on this link: Configuring CLI-based Tools and Development Frameworks to work with Netskope SSL Interception | Community

   and had some success, but not 100% success.  Many of their tools are not installed in default locations, I think just to make things difficult, LOL.

 

   How do you guys handle these software dev tools?  Visual studio, Java, python, pearl, code.exe, etc.  I have no problem providing the NS certs into a package that can be pushed out.  I’m hoping to find something that I can use globally to let their software packages know to use the Netskope certs.  No luck at this time that is even close to universal…

 

   thoughts?

   Mike B

Be the first to reply!

Reply