Check vulnerability without relying on third-party services Query across all accounts and regions of an organisation Run the attached script to download and convert ACLs Tested on Snort 2, Snort 3 and Suricata 6 Take note if you have www -> apex redirect Utilise a curve not produced by NIST Canadian Shield, Cloudflare, DNS Filter, NextDNS, OpenDNS, Quad9 Many formats available It's not enabled by default and you can easily switch to other providers. DoT/DoH does not completely eliminate ISP surveillance.