A
ApexAegis
OverviewLogs & EventsEndpoint Events
Attack Paths & SegmentsAttack ComparisonAPT SimulationAI/ML & UEBA
SD-WAN OptimizerNetwork Events
Ghosted Apps & Services
Security PoliciesAddressesServicesURL CategoriesCloud ApplicationsCloud App Tenants
ATP ProfilesSSL InspectionDNS FilterWeb FilterDevice Posture
Users & GroupsDevicesIdentity ProvidersPasskey ManagerABAC ControlOAuth 2.0 & API KeysIdP Configuration
Test My DefenceSecurity PreviewAttack Path AnalysisSSL/TLS Scanner
Compliance ReportCertification ReportITSM Automation
Audit & Config MgmtFeature LicensingClient ConfigRoute Policies
Gateway NodesSCION Partner GatewaySDN SwitchesPort Configuration802.1X Auth ServerWireless ManagementDynamic SGTGuest AccessAPI IntegrationsCA CertificatesPolicy MigrationSettings
K

SSL/TLS Compliance Scanner

Scan hosts for TLS certificate compliance — detect expired certs, weak ciphers, self-signed chains, and deprecated protocols

4
Total Hosts
2
Compliant
2
Non-Compliant
3
Critical Findings
Protocol
TLS 1.0
Cipher Suite
TLS_RSA_WITH_AES_128_CBC_SHA
Key Exchange
RSA (1024-bit)
IP Address
10.0.2.100
Subject
CN=legacy-intranet.acme-corp.com
Issuer
CN=legacy-intranet.acme-corp.com
Valid Until
12/31/2025
Chain Depth
1 (INVALID)
Findings
critical
TLS_VERSIONTLS 1.0 is deprecated and insecure — upgrade to TLS 1.2+
critical
KEY_SIZERSA 1024-bit key is too short — minimum 2048 bits required
critical
CERT_EXPIREDCertificate expired 75 days ago
high
SELF_SIGNEDSelf-signed certificate — not trusted by clients
high
WEAK_CIPHERCBC mode cipher is vulnerable to BEAST/padding oracle attacks
medium
NO_SANNo Subject Alternative Names — modern browsers require SAN