TLS Attack Surface Assessment

Highlight the status of your organisation’s use of encryption across the entire environment including cloud and third party environments.

What is a TLS Attack Surface Review?

The TLS attack surface review analyses and assesses the encrypted traffic communications across your entire infrastructure, including data centres, private cloud, or specific targeted areas, to highlight the state of encryption used within your environments.

The sensor is a virtual software appliance easily deployed in under ten minutes. The platform only gathers metadata associated with the network traffic, always maintaining the privacy of your data. No decryption takes place.

It gives your privacy, risk, compliance, and security teams clarity about your encrypted communications. For example:

  • Are the appropriate cipher suites used to ensure strong encryption?

  • Are the communications truly encrypted?

  • Are the TLS versions being used outdated or vulnerable?

  • Are there any connections to known bad sources within your encrypted traffic flows?

The key stakeholders will receive a report of the findings that helps organisations understand whether they meet their internal standards, allowing you to benchmark against regulatory and privacy controls and ultimately allowing your teams to prioritise and remediate risks based on the findings.

What are the issues highlighted and addressed?

Any organisation’s digital transformation investment is significant, and TLS will be widely adopted. Assuring those communications is becoming essential as attackers use encryption to hide.

For the first time, the TLS Attack Surface Review (ASR) highlights the status of an organisation’s use of encryption across the entire environment including cloud and third party environments.

Here are some examples of the risks found within organisations:

  • Old and out-of-date SSL/TLS versions and the associated infrastructure.

  • The use of deprecated or out-of-date protocols.

  • Vulnerabilities within specific encryption protocols.

  • The use of weak encryption.

  • Sessions that have negotiated null payload encryption.

  • Weak or vulnerable public key distribution.

  • Self-signed certificates used on production or other business-critical platforms.

  • Certificate expiry and long-life certificates that do not conform with standards.

Why should you take on this service?

Organisations should conduct a TLS attack surface review as part of their routine security hygiene activities. Historically, it has been a challenge to understand and analyse the encrypted traffic across an organisation’s infrastructure, and that traffic has been neglected in security and risk assessments.

This challenge only increases in scope and difficulty as the use of encryption continues to grow. Our customers have identified significant value over and above their current security and IT audit assessments. They have significantly reduced their risk exposure and potential attack surface due to this service.