Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

SSL Implementation Test Available Free From Qualys

Qualys : 02 August, 2010  (New Product)
Companies can use the free online SSL test from Qualys to audit their web-sites for true SSL implementation
Qualys has announced a free online SSL test for web sites at Qualys SSL Labs, a site dedicated to providing resources for successfully using SSL to secure web sites and online transactions. The free online SSL test examines a web site's SSL certificate chain to ensure it is trusted and serves as a good security foundation for communication over the Internet. In conjunction with this release, the findings of research conducted over the past year studying about 120 million registered domain names using more than 800,000 SSL certificates will be presented in a live session today at Black Hat USA 2010.

SSL is a security protocol that protects Web sites by enabling encryption of sensitive information during online transactions. While it is a valuable protocol, implementations can have issues, including problems with configurations and certificate validations, which render SSL useless, jeopardizing security on the Internet. Qualys SSL Labs and the new online SSL test help any user, whether technical or not, evaluate their SSL implementations to better utilize SSL and protect their sites from possible attacks.

"SSL is a successful protocol that serves as the security backbone of the Internet, but most sites just don't have it well configured," said Ivan Ristic, director of engineering for Qualys and creator of SSL Labs. "Qualys SSL Labs is non-commercial research effort focused on understanding how SSL is used as an attempt to make it better and help users everywhere configure it and use it properly."

The new free online test lets a user test a web site's SSL certificate chain to ensure it is trusted and serves as a good security foundation for communication over the Internet. It also performs comprehensive configuration analysis to detect configuration weaknesses and performance issues. Users simply enter the web site domain name, and the test will assess any server behind the domain. The test results include a numerical score, grading the SSL server across several categories, as well as a letter grade that rates the SSL configuration. To improve a score, guidelines and resources for improved SSL use are available at Qualys SSL Labs.

A final numerical score from zero to 100 and a letter grade is provided at the end of the test indicating the strength of the SSL implementation on the web site being tested.

"Our aim at SSL Labs is to discuss the rarely mentioned aspects of SSL, promote its correct usage, and generally inspire everyone to do their part to promote security," Ristic said.

Highlights of the research that will be discussed in details at the Black Hat USA talk include:

* Only a tiny portion of all sites use SSL
* Only 70 percent of certificates are valid
* Half of all sites support the insecure SSLv2 protocol
* About 38 percent of SSL sites are well configured; 62 percent are not
* About 32 percent of sites still suffer from the renegotiation vulnerability
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo