<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0"><channel><title>Peakhour.IO - Cisco Mercury</title><link>https://www.peakhour.io/</link><description></description><lastBuildDate>Sun, 06 Sep 2026 09:00:00 +1000</lastBuildDate><item><title>What an Open Network Fingerprint Database Should Publish</title><link>https://www.peakhour.io/blog/open-network-fingerprint-database-schema/</link><description>&lt;p&gt;A useful open fingerprint database needs provenance, competing labels, raw evidence, format versions and licences—not another unexplained hash list.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 06 Sep 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-09-06:/blog/open-network-fingerprint-database-schema/</guid><category>Security</category><category>Network Fingerprinting</category><category>TLS Fingerprinting</category><category>JA4</category><category>Cisco Mercury</category><category>Security Research</category></item><item><title>Does TLS Fingerprint Canonicalisation Hide Attacker Variation? How to Test It</title><link>https://www.peakhour.io/blog/tls-fingerprint-canonicalisation-attacker-variation/</link><description>&lt;p&gt;Sorting makes TLS fingerprints more stable, but it also removes ordering evidence. Here is how to test whether the discarded variation matters.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 16 Aug 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-08-16:/blog/tls-fingerprint-canonicalisation-attacker-variation/</guid><category>Security</category><category>TLS Fingerprinting</category><category>JA4</category><category>Cisco Mercury</category><category>Network Fingerprinting</category><category>Security Research</category></item><item><title>A Network Fingerprint Is a Cohort, Not a Client</title><link>https://www.peakhour.io/blog/fingerprint-is-a-cohort-not-a-client/</link><description>&lt;p&gt;TLS fingerprints group similar protocol implementations. They do not prove which application, device or person made a request.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 09 Aug 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-08-09:/blog/fingerprint-is-a-cohort-not-a-client/</guid><category>Security</category><category>TLS Fingerprinting</category><category>JA3</category><category>JA4</category><category>Cisco Mercury</category><category>Network Fingerprinting</category><category>Bot Management</category></item><item><title>From Joy to Mercury and EVE: Following Cisco's Network Fingerprinting Work</title><link>https://www.peakhour.io/blog/from-joy-to-mercury-and-eve/</link><description>&lt;p&gt;Cisco's open-source collectors, fingerprinting research and Encrypted Visibility Engine form a clear lineage, but they are not interchangeable parts of one public system.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 02 Aug 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-08-02:/blog/from-joy-to-mercury-and-eve/</guid><category>Security</category><category>Cisco Joy</category><category>Cisco Mercury</category><category>Encrypted Visibility Engine</category><category>TLS Fingerprinting</category><category>Network Fingerprinting</category><category>Encrypted Traffic</category></item><item><title>Two Lineages of TLS Fingerprinting: JA3, JA4 and Cisco Mercury</title><link>https://www.peakhour.io/blog/two-lineages-tls-fingerprinting/</link><description>&lt;p&gt;JA4 did not descend from Cisco Mercury. The two projects come from different strands of TLS fingerprinting research and solve different operational problems.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 26 Jul 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-07-26:/blog/two-lineages-tls-fingerprinting/</guid><category>Security</category><category>TLS Fingerprinting</category><category>JA3</category><category>JA4</category><category>Cisco Mercury</category><category>Network Fingerprinting</category><category>Threat Detection</category></item><item><title>One ClientHello, Three Fingerprints: JA3, JA4 and Mercury</title><link>https://www.peakhour.io/blog/one-clienthello-ja3-ja4-mercury-lab/</link><description>&lt;p&gt;A reproducible lab runs JA3, JA4 and Cisco Mercury against the same TLS ClientHello and compares what each fingerprint preserves.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 12 Jul 2026 09:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-07-12:/blog/one-clienthello-ja3-ja4-mercury-lab/</guid><category>Security</category><category>TLS Fingerprinting</category><category>JA3</category><category>JA4</category><category>Cisco Mercury</category><category>Network Fingerprinting</category><category>Security Research</category></item></channel></rss>