Qualys Expands Its SSL/TLS Security Scanning Service
Qualys enhanced its SSL/TLS scanning technology with a new API and an open-source tool to enable organizations to validate their security.Secure Sockets Layer/Transport Layer Security (SSL/TLS) is widely used to secure data in motion on the Internet, but it isn't always configured properly or patched for the latest security updates. Aiming to help improve the state of SSL/TLS deployments, Qualys announced on March 17 that it is expanding its SSL Labs testing service to enable API access for bulk scanning of multiple server hosts. Qualys is also providing an open-source tool to help automate the process for scanning SSL/TLS. The SSL Labs service to date has been a Web interface that enables anyone to simply input a Web address and then check to see the status of their SSL/TLS server configuration. "SSL Labs is a service we have provided for several years, and now providing APIs is the next step," Ivan Ristic, director of engineering at Qualys, told eWEEK. "The problem that our users have had is that some of them have hundreds of servers, and they want to check their servers more regularly." With the new API, users can check the status of server SSL/TLS for free, Ristic said. In addition to the API, Qualys has built an open-source tool called ssllabs-scan that incorporates the API into a command-line tool. Ristic said that with the ssllabs-scan, an organization can set up a regular process for checking SSL/TLS security that could potentially alert an organization if security is degraded.
Qualys also has an SSL/TLS site called SSL Pulse, which provides a regular report on SSL/TLS configuration and security statistics. Ristic emphasized that data from the SSL Labs API scanning is kept private and does not get integrated with the SSL Pulse data. The data for SSL Pulse comes from regular scanning of SSL/TLS-enabled sites on the Alexa Top Sites list, Ristic said.