Friday, February 10, 2017

A ssllab alternatives

If you ever  done any of  ssl validations or auditing , than you  have to have  used qualys ssllab for  ssl-server reporting.

 A great alternative is offer via hitechbridge.

PROs over ssllab

  • it's much faster from the start to finish 
  • provides a downloadable test results page
  • output is simpler to follow
  • root > intermediaties  chains is easier to validate
  • you can easily test not std http-ports ( for example )
  • conducts a  rash of compliance testing output for PCI/HIPAA/NIST
  • you have more test options web email domain
  • can test various http-server headers and validate cookies

Here's a few  screenshot of important  outputs in the download pdf  report for a typical site

various   compliance checks again

BestPractices suggestions

certificate chains details 

 option domain  checks results

  Headers checks

 validating cookies are encrypted

 This is like the easiest ca-chain format to follow

Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
        /  \

No comments:

Post a Comment