TLS/SSL Certificate Findings

Ingrid

The TLS/SSL Certificates risk vector evaluates the strength and effectiveness of the cryptographic keys within TLS and SSL certificates, which are used to encrypt internet traffic.

Navigation Options

- SPM App: Findings ➔ Findings Table
- CM App: Select a company from your Companies List. Go to Vendor Risk ➔ Findings
- Insurance App: Select a company from your Companies List. Go to Client Risk ➔ Findings
- Bitsight API: GET /v1/companies/entity_guid/findings?risk_vector=ssl_certificates

Findings Table

The details include the data in Findings and Diligence details.

❖ This field can be included in the table from the Customize Columns option.

Field | Description | Filters
Asset Importance | The asset's importance. | Critical, High, Medium, Low, None
Assets | The asset name. | No
Assigned To | The user assigned to remediate the finding. | Yes
Certificate End Date ❖ | The date when the certificate's validity expires. | No
Certificate Key Algorithm ❖ | The cryptographic algorithm used to generate the key. | No
Certificate Key Evidence ❖ | The hostname or IP address associated with the certificate. Use this to identify assets with TLS/SSL Certificate findings. | No
Certificate Issuer ❖ | The certificate authority (CA) that issued this certificate. See CA details. | No
Certificate Serial Number ❖ | The serial number of this certificate in decimal format. This can be used for internal investigation to identify TLS/SSL Certificate findings. | No
Certificate Signing Algorithm ❖ | The cryptographic algorithm used to sign this certificate. MD2, MD5, and SHA-1 are considered insecure. | No
Certificate Signing Key Length ❖ | The length of the key used to sign this certificate. For RSA encryption, a key length of 2048 bits is recommended; for elliptic curve encryption, a key length of 224 bits is recommended. | No
Certificate Start Date ❖ | The date when the certificate's validity begins. | No
Certificate Subject ❖ | Information describing the host secured by this certificate. | No
Certificate Subject Alternate ❖ | The domain names secured by this certificate. | No
Comments | Discussions that provide a way to describe the status of resolution or validity of findings to external stakeholders and other interested parties. | No
Country | The country where IP addresses attributed to the finding are hosted. Helpful when assessing a vendor if your company has data location restrictions. Allows cyber risk analysts to ask the vendors, "will any of my data touch these IP addresses?" Indicates if there is a risk of foreign actor influence, especially when looking at the grades of the findings with the associated IP addresses. | No
Dates | Observation dates. | Yes
First Seen | The date when the finding was first observed. | 7 Days, 1 Month, 3 Months, Custom
Last Seen | The date when the finding was last observed. | 7 Days, 1 Month, 3 Months, Custom
Destination Port ❖ | The destination port identified in the finding. | No
Details | A brief description of the issue. See finding messages. | No
Final Location ❖ | URL where headers were observed. | No
Finding Identifier | The asset (e.g., IP, domain, host, application, port) and its status (e.g., online/offline, version, support status) that identifies the finding. This is not applicable to TLS/SSL Certificate findings. Refer to the Certificate Serial Number to identify TLS/SSL Certificate findings. | Text search
Finding Severity | The measured risk that this finding introduces. | Minor, Moderate, Material, Severe
Grade | The finding grade. See how the Diligence risk category is calculated. | Good, Fair, Warn, Bad, Neutral, N/A
Impacts Risk Vector | Filters for findings that currently impact the letter grade of their risk vector. The amount of time a finding impacts the letter grade depends upon the risk vector. See when risk vectors are impacted. | Yes
All Sources ❖ | A list of IP addresses where the certificate was seen, on the most recent day. | No
My Company's Sources ❖ | The list of the Company's IP addresses and domains where the certificate was seen, on the most recent day. | No
Rescan | This finding's rescan status. | Asset Not Found, Assumed Remediated, Failed, No Status, Not Remediated, Partially Remediated, Remediated, Replacement Finding, Scanning
Remaining Lifetime | The projected number of days that a finding will continue to impact risk vector grading (lifetime). This is a projection that assumes nothing changes in the future and that the finding is not updated with new information. It may change if the finding is updated. | The number of days
Remediation Instructions ❖ | How to resolve a negative finding. See finding messages. | No
Remediation Status | The remediation status. See how to verify that a TLS/SSL Certificates finding has been remediated. | No Status, Open, To Do, Work In Progress, Resolved, Risk Accepted
Risk Vector | The risk vector. | Yes
Status Updated | The date when the Remediation Status or Assigned To fields were last changed. | 7 Days, 1 Month, 3 Months, Custom

Details Sheet

Select a finding in the table to view the details. The sheet contains the Details and Attributed To tabs. Use the Options at the top-right of the sheet to request a finding rescan (Request Rescan) or update the remediation status (Update Status) for issue tracking.

Both tabs contain the following information in the header:

Field | Description
First Seen | When this finding was first observed.
Last Seen | When this finding was last observed.
Finding Grade | The finding grade. See how the Diligence risk category is calculated.
Finding Identifier | The asset (e.g., IP, domain, host, application, port) and its status (e.g., online/offline, version, support status) that identifies the finding. This is not applicable to TLS/SSL Certificate findings. Refer to the Certificate Serial Number to identify TLS/SSL Certificate findings.
Certificate Attribution Reason | The reason why the certificate is attributed to the entity. Observed in Assets = The certificate was observed directly in one or more of the entity's known assets. Listed in Certificate = One or more of the entity's assets are listed in the certificate's subject or SAN (Subject Alternative Name) fields.

Details Tab

Details

Field | Description
Final Location | URL where headers were observed.
Key Evidence | The hostname or IP address associated with the certificate. Use this to identify assets with TLS/SSL Certificate findings.
SSL Certificate Source | IP addresses where the certificate was seen on the most recent day.
Certificate Chain | The certificate chain.
End Date | The date when this certificate is no longer in effect.
Issuer Name | The certificate authority that issued this certificate.
Key Algorithm | The cryptographic algorithm used to generate the key.
Serial Number | The serial number of this certificate in decimal format. This can be used for internal investigation, such as identifying the active certificate.
Signature Algorithm | The cryptographic algorithm used to sign this certificate.
Start Date | The date when this certificate went into effect.
Subject Alternative Names | The domain names secured by this certificate.
Subject Name | Information about the host that this certificate applies to.

Assets

Field | Description
Asset | The asset.
Calculated Importance | Asset importance.
View findings | Filter findings for this asset.
Tags | Infrastructure tags identifying the asset.

Comments: Finding comments discussing problem areas and communicating the status of resolution or the validity of findings.

Attributed To Tab

This contains the entity that the finding is attributed to and its position in the ratings tree.

August 20, 2025: Added Certificate Attribution Reason.
February 14, 2025: Added All Sources and My Company's Sources.
October 29, 2024: Findings Table navigation instructions moved from Risks to a new Findings section in the menu.
May 29, 2024: Certificate Serial Number replaces Finding Identifier as the TLS/SSL Certificates finding identifier.

Related articles

- TLS/SSL Finding Remediation & Remediation Verification
- TLS/SSL Certificates Risk Vector
- TLS/SSL Configuration Findings
- GET: TLS/SSL Certificates Finding Details
- How is the Web Application Headers Risk Vector Assessed?
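The following Python script is an added example of how an analyst might triage the fields described above; it is not Bitsight's code, and the record layout it reads is an assumption modelled on the Findings Table columns, not the JSON schema of the GET /v1/companies/entity_guid/findings?risk_vector=ssl_certificates endpoint. It converts the decimal Certificate Serial Number into the colon-separated hex form that `openssl x509 -text` prints (so a finding can be matched against the certificate an asset actually serves), applies the signing-algorithm and key-length thresholds stated in the table, checks the Start Date / End Date window, and derives the Certificate Attribution Reason from a list of the entity's known assets. The sample findings and asset list are constructed.

```python
"""Triage helper for TLS/SSL Certificate findings (added example, not Bitsight's code).

The finding dict layout below is an assumption modelled on the Findings Table
columns; it is not the real API response format.
"""
from datetime import date
from typing import Optional

# Signing algorithms the table lists as insecure.
INSECURE_SIGNING = {"MD2", "MD5", "SHA-1", "SHA1"}
# Minimum key length (bits) per key algorithm, as recommended in the table.
MIN_KEY_BITS = {"RSA": 2048, "EC": 224, "ECDSA": 224}

# Constructed sample findings (not real data).
SAMPLE_FINDINGS = [
    {   # weak, expired RSA certificate seen directly on a known asset
        "serial_decimal": "1234567890123456789",
        "key_evidence": "203.0.113.10",
        "sources": ["203.0.113.10"],
        "subject_cn": "www.example.com",
        "subject_alt_names": ["www.example.com", "example.com"],
        "key_algorithm": "RSA", "key_bits": 1024, "signing_algorithm": "SHA-1",
        "start_date": "2023-01-01", "end_date": "2024-01-01",
    },
    {   # healthy EC certificate seen elsewhere, but its SAN covers a known asset
        "serial_decimal": "255",
        "key_evidence": "198.51.100.7",
        "sources": ["198.51.100.7"],
        "subject_cn": "*.example.com",
        "subject_alt_names": ["*.example.com"],
        "key_algorithm": "EC", "key_bits": 256, "signing_algorithm": "SHA-256",
        "start_date": "2025-01-01", "end_date": "2026-01-01",
    },
]
# Constructed list of the entity's known assets (IP addresses and hostnames).
KNOWN_ASSETS = ["203.0.113.10", "mail.example.com"]


def serial_decimal_to_hex(serial_decimal: str) -> str:
    """Decimal serial from the finding -> colon-separated uppercase hex, the
    form `openssl x509 -text` prints, padded to whole bytes."""
    digits = format(int(serial_decimal), "X")
    if len(digits) % 2:
        digits = "0" + digits
    return ":".join(digits[i:i + 2] for i in range(0, len(digits), 2))


def weak_key(key_algorithm: str, key_bits: int) -> Optional[bool]:
    """True if below the table's minimum; None if the algorithm has no threshold."""
    minimum = MIN_KEY_BITS.get(key_algorithm.upper())
    if minimum is None:
        return None
    return key_bits < minimum


def name_matches(cert_name: str, asset: str) -> bool:
    """Match a subject CN or SAN entry against an asset name.
    A leading wildcard covers exactly one DNS label (RFC 6125 style)."""
    cert_name, asset = cert_name.lower(), asset.lower()
    if cert_name.startswith("*."):
        suffix = cert_name[1:]            # ".example.com"
        prefix = asset[:-len(suffix)]     # the label the wildcard stands for
        return asset.endswith(suffix) and prefix != "" and "." not in prefix
    return cert_name == asset


def attribution_reason(finding: dict, known_assets: list) -> Optional[str]:
    """Reproduce the two Certificate Attribution Reason values: the certificate was
    seen on a known asset, or a known asset is named in its subject/SAN fields."""
    observed = set(finding["sources"]) | {finding["key_evidence"]}
    if observed & set(known_assets):
        return "Observed in Assets"
    names = [finding["subject_cn"], *finding["subject_alt_names"]]
    if any(name_matches(n, a) for n in names for a in known_assets):
        return "Listed in Certificate"
    return None


def triage(finding: dict, known_assets: list, today_iso: str) -> dict:
    """Apply the table's thresholds and the validity window to one finding."""
    today = date.fromisoformat(today_iso)
    issues = []
    if finding["signing_algorithm"].upper() in INSECURE_SIGNING:
        issues.append(f"insecure signing algorithm {finding['signing_algorithm']}")
    if weak_key(finding["key_algorithm"], finding["key_bits"]):
        issues.append(f"{finding['key_algorithm']} key of {finding['key_bits']} bits "
                      "is below the recommended minimum")
    if today < date.fromisoformat(finding["start_date"]):
        issues.append("certificate not yet valid")
    if today > date.fromisoformat(finding["end_date"]):
        issues.append("certificate expired")
    return {
        "serial_hex": serial_decimal_to_hex(finding["serial_decimal"]),
        "attribution_reason": attribution_reason(finding, known_assets),
        "issues": issues,
    }


if __name__ == "__main__":
    for f in SAMPLE_FINDINGS:
        print(triage(f, KNOWN_ASSETS, "2025-06-01"))
```

The hex serial is the value to compare with the certificate an asset currently serves: if they differ, the finding refers to a certificate that has since been replaced, which is the usual reason a rescan clears it.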