Presenter : Khizra

1

www.confiz.com

www.confiz.com

2

• Founded in 1999• QualysGuard cloud platform and integrated

suite• Simplify security operation as and lower cost

of compliance• Deliver Security intelligence , automation

the full spectrum of auditing and protection for IT Systems and web applications

Overview

www.confiz.com

Customers

3

• 8,800 customers in more than 100 countriesMajority of customers are Forbes Global and Fortune 100

• Founding members of the Cloud Security Alliance (CSA)

www.confiz.com

Customers

4

www.confiz.com

SSL Labs

5

• Launched in 2009• Research effort of Qualys’s• Help in understanding of SSL/TLS and PKI• Provide tools and documentation to assist with

assessment and configuration• Hundreds of thousands of assessments have

been performed on avg. monthly scan of about 170,000

www.confiz.com

6

www.confiz.com

SSL Labs – How it works

7

1. Verify that Certificate is valid and trusted2. Inspect server configuration in three categories:

a. Protocol support b. Key exchange support c. Cipher support

3. Combine the category scores into an overall score (B/w 0 and 100)

4. Apply a series of rules (Ranges A-, B, C, D, E, or F)

www.confiz.com

SSL Labs – How it works

8

www.confiz.com

How it works : Scan• Go to URL https://www.ssllabs.com/ssltest/• Enter desired address in Hot name field e.g

www.facebook.com• Click on Submit button

9

www.confiz.com

Scan Result• Click on Url to view result • https://

www.ssllabs.com/ssltest/analyze.html?d=www.facebook.com&s=2a03%3a2880%3af10d%3a83%3aface%3ab00c%3a0%3a25de&hideResults=on

10

www.confiz.com

References• https://www.ssllabs.com/ssltest/• https://www.ssllabs.com/• https://www.ssllabs.com/projects/rating-guide/index.html• https://

www.ssllabs.com/downloads/SSL_Server_Rating_Guide.pdf• https://www.ssllabs.com/projects/rating-guide/index.html

11