JARM is an active Transport Layer Security (TLS) server fingerprinting tool.

JARM fingerprints can be used to:

Quickly verify that all servers in a group have the same TLS configuration.
Group disparate servers on the internet by configuration, identifying that a server may belong to Google vs. Salesforce vs. Apple, for example.
Identify default applications or infrastructure.
Identify malware command and control infrastructure and other malicious servers on the Internet.