Web Scanner allows users to target the JARM data of a webpage, allowing security teams to scan for similair websites.
Click here for a full list of field names.
JARM fingerprints
Field name
jarm
Explanation
The JARM fingerprint is a hash value derived from various characteristics of the TLS handshake, such as the ciphersuites offered, TLS extensions supported, and other parameters.
JARM fingerprints can either be used as a pre-filter, or as a tool for pinpointing specific targets.
JARM can be useful when attempting to identify specific malware that return unique TLS responses, if not obfuscated.
Important
JARM fingerprints are value-based, not key-based, compared to our other hashes.