Secure Socket Layer (SSL) is a secure data transmission protocol using public/private key encryption. During MDR vulnerability scans, Alert Logic conducts many types of SSL vulnerability checks including the detection of weak SSL ciphers accepted by the target host.
Over time, SSL ciphers once considered strong and secure can become weak and insecure. For this reason, Alert Logic routinely maintains a list of weak SSL ciphers detected by its scan engine. Alert Logic scanning capabilities have been updated to detect additional weak SSL ciphers.
Note: Alert Logic does not determine when an SSL cipher is no longer considered strong and secure.
Weak Ciphers Reporting in the Alert Logic Console
If a weak cipher is detected during a scan, the host will be reported with the SSL - Server Supports Weak SSL Ciphers exposure in the Alert Logic console.
You can check if this exposure has been detected under (navigation menu) > Respond > Exposures and select Exposures from the drop-down menu.
Within the Exposure console, you can enter SSL Ciphers in the Search box.
Within the Exposure console, Instance Evidence details on specific weak SSL cipher(s) accepted by the host are available by clicking Open for the SSL - Server Supports Weak SSL Ciphers exposure.
For more information on detection of weak and insecure SSL ciphers, see the following resources: