AWS Insecure Security Policy
Description
Detects AWS Elastic Load Balancers (ELBv2) that use outdated or insecure SSL/TLS security policies. Insecure SSL policies may expose the load balancer to known vulnerabilities and security weaknesses, potentially compromising the confidentiality and integrity of data in transit.
Detection Strategy
• Scans all ELBv2 load balancers in the specified AWS region
• For each load balancer, examines all listeners that have SSL/TLS policies configured
• Reports a vulnerability if a listener uses an SSL policy that is in the predefined list of insecure policies
• Each vulnerability includes the specific listener ARN and the insecure SSL policy name that was detected
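The check described above, sketched as an added example (not Fluid Attacks' own code). The deny-list contents, the function names, and the sample ARNs are assumptions made for illustration; the listener dictionaries follow the shape returned by the ELBv2 DescribeListeners API.

```python
# Assumed deny-list (policies that still permit TLS 1.0 or 1.1); the rule's
# own predefined list is not published on this page.
ASSUMED_INSECURE_POLICIES = frozenset({
    "ELBSecurityPolicy-2015-05",
    "ELBSecurityPolicy-2016-08",
    "ELBSecurityPolicy-TLS-1-0-2015-04",
    "ELBSecurityPolicy-TLS-1-1-2017-01",
})

def find_insecure_listeners(listeners, insecure=ASSUMED_INSECURE_POLICIES):
    """Return one finding (listener ARN + policy name) per deny-listed listener.

    `listeners` are dicts shaped like the "Listeners" entries returned by the
    ELBv2 DescribeListeners API. Listeners without an SslPolicy (HTTP, TCP)
    are skipped, matching the strategy above.
    """
    return [
        {"ListenerArn": l["ListenerArn"], "SslPolicy": l["SslPolicy"]}
        for l in listeners
        if l.get("SslPolicy") in insecure
    ]

def scan_region(region):
    """Live scan of one region; needs boto3 and read-only ELBv2 permissions."""
    import boto3  # imported here so the offline demo below runs without it
    elbv2 = boto3.client("elbv2", region_name=region)
    listeners = []
    for lb_page in elbv2.get_paginator("describe_load_balancers").paginate():
        for lb in lb_page["LoadBalancers"]:
            pages = elbv2.get_paginator("describe_listeners").paginate(
                LoadBalancerArn=lb["LoadBalancerArn"])
            for page in pages:
                listeners.extend(page["Listeners"])
    return find_insecure_listeners(listeners)

# Constructed sample data (placeholder account ID and resource IDs).
_ARN = "arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/demo/0000000000000000/"
SAMPLE_LISTENERS = [
    {"ListenerArn": _ARN + "aaaa", "Protocol": "HTTPS", "SslPolicy": "ELBSecurityPolicy-2016-08"},
    {"ListenerArn": _ARN + "bbbb", "Protocol": "HTTPS", "SslPolicy": "ELBSecurityPolicy-TLS13-1-2-2021-06"},
    {"ListenerArn": _ARN + "cccc", "Protocol": "HTTP"},
]

if __name__ == "__main__":
    for finding in find_insecure_listeners(SAMPLE_LISTENERS):
        print(f"{finding['ListenerArn']} uses insecure policy {finding['SslPolicy']}")
```

To remediate a finding, move the listener to a policy that requires TLS 1.2 or later and re-run the scan to confirm the listener no longer appears.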