SSL Framework Now Detects Vulnerabilities That Can Lead to ROBOT Attack

Delaware, USA – December 14, 2017 – SSL Framework Advanced for ArcSight is already available in Use Case Cloud. In the next few days, use cases for QRadar and Splunk will be released. SSL Framework helps more than 100 companies around the world to monitor their external SSL certificates in real time, to learn about vulnerabilities in a timely manner, and to receive notifications when approaching the date of certificate expiration. The Advanced version of the use case now can also scan internal servers, reporting any detected vulnerabilities or malfunctions. One of the key features of SSL Framework Advanced is the ability to detect vulnerabilities that can lead to ROBOT attack.

Recently, the team of security researchers published the report and described the attack process. ROBOT attack allows adversaries to decrypt the intercepted traffic and perform MitM attacks. About 10% of Alexa Top 10 000 sites are vulnerable to ROBOT attack, but researchers warn that with minor modifications the attack can affect many more websites. Vendors of vulnerable products are currently working on updates, the list of products, their status and updates can be found at: http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=144389&SearchOrder=4

Stay tuned.

Read the detailed description of SSL Framework Advanced: https://my.socprime.com/en/integrations/ssl-framework-arcsight-advanced

SSL Framework Advanced in Use Case Cloud: https://ucl.socprime.com/use-case-library/info/197/

Ready to try out SOC Prime TDM? Sign up for free. Or join Threat Bounty Program to craft your own content and share it with the TDM community.