One thing that has not quite been mentioned in the blog, is how much of the MITM spyware comes from very big and well known „security“ companies.

You know, the ones that really know about security. X-PAN-AUTHCHECK type of security.

The amount of CVEs some of the big firewall companies collect make it seem like it is a competition for the poorest security hygiene.

The real problem we have is compliance theatre where someone in management forces these solutions onto their IT department just so they can check a box on their sheets and shift all responsibilities away.