qualys lab
TRANSCRIPT
Presenter : Khizra
1
www.confiz.com
www.confiz.com
2
• Founded in 1999• QualysGuard cloud platform and integrated
suite• Simplify security operation as and lower cost
of compliance• Deliver Security intelligence , automation
the full spectrum of auditing and protection for IT Systems and web applications
Overview
www.confiz.com
Customers
3
• 8,800 customers in more than 100 countriesMajority of customers are Forbes Global and Fortune 100
• Founding members of the Cloud Security Alliance (CSA)
www.confiz.com
Customers
4
www.confiz.com
SSL Labs
5
• Launched in 2009• Research effort of Qualys’s• Help in understanding of SSL/TLS and PKI• Provide tools and documentation to assist with
assessment and configuration• Hundreds of thousands of assessments have
been performed on avg. monthly scan of about 170,000
www.confiz.com
6
www.confiz.com
SSL Labs – How it works
7
1. Verify that Certificate is valid and trusted2. Inspect server configuration in three categories:
a. Protocol support b. Key exchange support c. Cipher support
3. Combine the category scores into an overall score (B/w 0 and 100)
4. Apply a series of rules (Ranges A-, B, C, D, E, or F)
www.confiz.com
SSL Labs – How it works
8
www.confiz.com
How it works : Scan• Go to URL https://www.ssllabs.com/ssltest/• Enter desired address in Hot name field e.g
www.facebook.com• Click on Submit button
9
www.confiz.com
Scan Result• Click on Url to view result • https://
www.ssllabs.com/ssltest/analyze.html?d=www.facebook.com&s=2a03%3a2880%3af10d%3a83%3aface%3ab00c%3a0%3a25de&hideResults=on
10
www.confiz.com
References• https://www.ssllabs.com/ssltest/• https://www.ssllabs.com/• https://www.ssllabs.com/projects/rating-guide/index.html• https://
www.ssllabs.com/downloads/SSL_Server_Rating_Guide.pdf• https://www.ssllabs.com/projects/rating-guide/index.html
11