SSL Labs Summary

The integration of SSL Labs with the Centraleyezer Vulnerability Management platform enhances the import and management of security findings related to SSL/TLS configurations. This collaboration enables organizations to efficiently identify, prioritize, track, and remediate vulnerabilities, thereby improving their overall security posture and risk management.

SSL Labs Key Features

  • Data Import:

    • Import SSL/TLS configuration assessments from SSL Labs into Centraleyezer, either on-demand or via automated schedules.

    • Supported formats: JSON.

  • Detailed Findings:

    • Centraleyezer provides comprehensive assessment details detected by SSL Labs tools.

  • Risk Scoring:

    • Configurable severity values for SSL Labs findings, adjustable based on organizational risk policies.

  • Selective Data Import:

    • Supports filtering based on status, scan type, and severity for more precise data imports.

Considerations

  • The integration supports mapping one SSL Labs instance with one Centraleyezer instance.

  • Configuring a different SSL Labs instance in the plugin will overwrite previously imported data.

Requirements

  • System Requirements:

    • Centraleyezer Prerequisites: Latest version of the Centraleyezer Vulnerability Management Platform recommended.

    • SSL Labs Prerequisites: API access must be enabled with proper authentication and must support export of assessment findings and API-based integration.

  • Permissions and Roles:

    • Centraleyezer: Requires System Admin or Application Security Manager permissions.

    • SSL Labs: User access for assessment information.

    • Import mappings require admin-level permissions.

Release Notes

Version 1.0.0:

New mappings for SSL/TLS vulnerabilities from SSL Labs include:

    • Database Field

    • Source Field