- Use mitmproxy only in authorized testing/troubleshooting scopes.
- Document approvals for interception and data inspection.
- Restrict listener interfaces to localhost or dedicated test networks.
¶ Certificate Handling
- Protect generated CA keys with strict filesystem permissions.
- Rotate CA/intermediate certificates for long-running test environments.
- Remove trusted test CA certs from clients after engagement.
- Mask or redact credentials/tokens in captured flows.
- Store traffic captures encrypted and with retention limits.
- Restrict access to capture files to authorized analysts only.
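The redaction item above, as an added example that is not part of the original checklist: a mitmproxy addon (assumed file name redact_capture.py, assumed output path capture-redacted.mitm) that stores a redacted copy of each flow in its own capture file, so the live request and response are never altered. Run it bound to loopback with `mitmproxy --listen-host 127.0.0.1 -s redact_capture.py` and without `-w`, so the only file on disk is the redacted one.

```python
"""Added example (not from the page): mitmproxy addon, assumed file name
redact_capture.py, that stores a redacted copy of each flow instead of editing live traffic."""
import re

MASK = "[REDACTED]"
SECRET_HEADERS = {"authorization", "proxy-authorization", "x-api-key", "x-auth-token"}
# Cookie names to mask, deliberately broad: over-redaction is the safe failure mode.
SECRET_COOKIE = re.compile(r"(?i)(sess|sid|token|auth|secret|csrf|jwt)")
OUTPUT_FILE = "capture-redacted.mitm"  # assumed output path

def mask_credential(value: str) -> str:  # 'Bearer eyJ...' -> 'Bearer [REDACTED]'
    scheme, sep, _ = value.partition(" ")
    return f"{scheme} {MASK}" if sep and scheme.isalpha() else MASK

def mask_cookies(header: str) -> str:  # mask sensitive cookie values; keep names/attributes
    out = []
    for item in header.split(";"):
        name, sep, val = item.strip().partition("=")
        out.append(f"{name}{sep}{MASK if sep and SECRET_COOKIE.search(name) else val}")
    return "; ".join(out)

def redact_value(name: str, value: str) -> str:  # dispatch on header name
    low = name.lower()
    if low in SECRET_HEADERS:
        return mask_credential(value)
    if low in ("cookie", "set-cookie"):
        return mask_cookies(value)
    return value  # every other header passes through unchanged

class RedactedCapture:
    fo = writer = None  # opened on the first flow, closed in done()

    def response(self, flow):
        from mitmproxy import io  # lazy import keeps the helpers above testable offline
        if self.writer is None:
            self.fo = open(OUTPUT_FILE, "wb")
            self.writer = io.FlowWriter(self.fo)
        copy = flow.copy()  # the request already went out: redact only the stored copy
        for headers in (copy.request.headers, copy.response.headers):
            for name in list(headers):  # get_all/set_all preserve repeated Set-Cookie lines
                headers.set_all(name, [redact_value(name, v) for v in headers.get_all(name)])
        self.writer.add(copy)

    def done(self):
        if self.fo:
            self.fo.close()

addons = [RedactedCapture()]  # loaded by mitmproxy via: -s redact_capture.py
```

Redacting in the `request` hook instead would rewrite the credential before it reaches the server and break the session under test, which is why the addon only touches a copy after the exchange has completed.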