Friday, February 10, 2017

A ssllab alternatives

If you ever  done any of  ssl validations or auditing , than you  have to have  used qualys ssllab for  ssl-server reporting.

https://www.ssllabs.com/ssltest/analyze.html

 A great alternative is offer via hitechbridge.    https://www.htbridge.com/ssl


PROs over ssllab


  • it's much faster from the start to finish 
  • provides a downloadable test results page
  • output is simpler to follow
  • root > intermediaties  chains is easier to validate
  • you can easily test not std http-ports ( https://mysite.mydomain.com:8001 for example )
  • conducts a  rash of compliance testing output for PCI/HIPAA/NIST
  • you have more test options web email domain
  • can test various http-server headers and validate cookies

Here's a few  screenshot of important  outputs in the download pdf  report for a typical site






various   compliance checks again





BestPractices suggestions




certificate chains details 







 option domain  checks results



  Headers checks



 validating cookies are encrypted



 This is like the easiest ca-chain format to follow






Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o 
        /  \




No comments:

Post a Comment