The security of a TLS connection depends heavily on the key size used. If the key is too small, it becomes easy for an attacker to break the encryption.
An SSL/TLS version offered by the server is outdated. The deprecated versions contain weak implementations that cannot be considered secure anymore. Make sure that your web server offers only recent and strong protocol versions.
No cipher order is set for HTTPS ciphers, or the cipher order includes an insecure cipher. This means that an attacker could make use of an insecure SSL/TLS connection.
Your website produces an SSL/TLS warning. A warning from the SSL/TLS scanner does not indicate a direct vulnerability but highlights a potential issue that needs to be manually reviewed.
Security headers can address a number of cyber threats. Also known as security-related HTTP response headers, they modify the behavior of web browsers to avoid security vulnerabilities.
RC4 is a type of encryption that has been around since the 1980s. It’s one of the most common and earliest stream ciphers and has been widely used in the Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols, Wired Equivalent Privacy (WEP), and the IEEE 802.11 wireless LAN standard.
One of the encryption algorithms you use has severe security issues. Please choose only cipher suites with strong encryption algorithms.
The proprietary F5 TLS stack is vulnerable to Ticketbleed. It exposes 31 bytes per request to the attacker and will ultimately invalidate the encryption.
DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) is an attack on the old SSL v2 protocol version. Read here how you can prevent SSL DROWN.
Short block sizes make the web server vulnerable to hitting the same hash for multiple inputs. By observing the data for a longer period of time, an attacker can recover secure HTTP cookies.
Copyright © Crashtest Security GmbH 2021. All rights reserved.