Larger companies that monitor for corporate passwords being entered on third-party sites usually use a browser extension that’s force-installed using Chrome Enterprise.
Larger companies that monitor for corporate passwords being entered on third-party sites usually use a browser extension that’s force-installed using Chrome Enterprise.
Brkdncr@lemmy.world 3 weeks ago
Why do you say usually? It’s not what I do. I MitM every machine.
dan@upvote.au 3 weeks ago
It’s what I’ve experienced at FAANG companies. MitM isn’t used and would break certificate pinning on sites (including internal tools) that use both certificate pinning and HSTS.
Brkdncr@lemmy.world 3 weeks ago
I don’t MitM sites that are know to break. I also don’t decrypt healthcare or banking sites. In most cases you wouldn’t know it’s happening unless you look at the cert issuer.