The TLS/SSL Configurations risk vector evaluates server TLS/SSL configurations, which indicates if a server’s security protocol libraries are correctly configured and that they support strong encryption standards when making connections to other machines.
See all Diligence risk category finding details.
Findings Table
The details include the data in Findings and Diligence.
❖ This field can be included in the table from the
Customize Columns option.Field | Description | |
---|---|---|
❖ Belongs to Service Provider | The IP in this finding belongs to a service provider, but is being used by the organization with the finding. | |
Certificate Chain | Details of each certificate in the chain. | |
End Date | The date when the certificate expires. | |
Issuer Name |
The certificate authority that issued the certificate, made up of attribute assertion values.
|
|
Key Algorithm | The cryptographic algorithm used to generate the key. | |
Serial Number | The serial number of the certificate in decimal format. This can be used for internal investigation. | |
Signature Algorithm | The cryptographic algorithm used to sign the certificate. MD2, MD5, and SHA-1 are considered insecure. | |
Start Date | The date when the certificate started. | |
Subject Alternative Names | The domain names secured by the certificate. | |
Subject Name | The distinguished name of the owner (host) of the certificate, made up of attribute assertion values.
|
|
❖ Certificate Issuer | The certificate authority (CA) that issued the certificate. | |
❖ Certificate Serial Number | The serial number of the certificate in decimal format. This can be used for internal investigation. | |
❖ Certificate Subject | Information regarding the host secured by the certificate. | |
❖ Certificate Subject Alternate | Domain names secured by the certificate. | |
❖ Destination Port | The number of the destination port identified in the finding. | |
❖ Diffie-Hellman Prime | The Diffie-Hellman prime (start and end) used for key negotiation. | |
❖ Diffie-Hellman Prime Length | The number of bits in the Diffie-Hellman prime. | |
❖ Diffie-Hellman Prime Name | Named Diffie-Hellman primes are published values, sourced from software libraries or other publications, used during key exchange. | |
❖ Final Location | URL where headers were observed. | |
Last Seen IP:Port | The latest IP:Port pair where the configuration was observed. | |
❖ Observed IPs | IP addresses where the certificate was seen, on the most recent day. | |
❖ Remediation Instructions | How to resolve a negative finding. See finding messages. |
Details Sheet
Select a finding in the table to view the details. The sheet contains the Details and Attributed To tabs.
- Request Refresh – Request a finding refresh.
-
Update Status
- Assign users to remediate the finding for Issue Tracking.
- Leave a finding comment.
- Update remediation status.
Both sheets contain the following information in the header:
- [Date] First Seen
- When this finding was first observed.
- [Date] Last Seen
- When this finding was last observed.
- Finding Grade
- The finding grade. See how the Diligence risk category is calculated.
- Finding Identifier
- The asset (e.g., IP, domain, host, application, port) and its status (e.g. online/offline, version, support status) that identifies the finding.
Details Tab
Details
- Certificate Chain
- The certificate chain.
- [Date] End Date
- The date when this certificate is no longer in effect.
- [Date] Start Date
- The date when this certificate went into effect.
- Final Location
- URL where headers were observed.
- Issuer Name
- The certificate authority that issued this certificate.
- Key Algorithm
- The cryptographic algorithm used to generate the key.
- Last Seen IP:Port
- The latest IP:Port where this configuration was observed.
- Sample Hostname
- The hostname.
- Serial Number
- The serial number of this certificate in decimal format. This can be used for internal investigation, such as identifying the active certificate.
- Service Provider IP
- The IP address belongs to one of this company's service providers.
- Signature Algorithm
- The cryptographic algorithm used to sign this certificate.
- Subject Alternative Names
- The domain names secured by this certificate.
- Subject Name
- Information about the host that this certificate applies to.
Remediations
This contains finding messages outlining the issue and remediation instructions.
- Details
- Details on the issue.
- Issue
- A summary of the finding.
- Remediation Tip
- Remediation instructions.
Assets
- Asset
- The asset.
- Calculated Importance
- Asset importance.
- View findings
- Filter findings for this asset.
IP Attributions
Attribution reasons, including the Attribution Info and CIDR.
Tags
Infrastructure tags identifying the asset.
Comments
Finding comments discussing problem areas and communicating the status of resolution or the validity of findings.
Attributed To Tab
This contains the entity that the finding is attributed to and its position in the ratings tree.
- February 13, 2025: Available Options in Details.
- October 29, 2024: Findings Table navigation instructions moved from Risks to a new Findings section in the menu.
- January 18, 2024: Navigation instructions by application.
Feedback
0 comments
Please sign in to leave a comment.