Open Gadreel opened 8 years ago
Try finding some models that we can adhere to such as:
https://community.qualys.com/blogs/securitylabs/2015/06/08/introducing-tls-maturity-model
I'm not following this one - is this just a check to see if HTTPS is set up up correctly on a site?
-jgl
On Sat, Oct 10, 2015 at 6:42 AM, Andy White notifications@github.com wrote:
Try finding some models that we can adhere to such as:
https://community.qualys.com/blogs/securitylabs/2015/06/08/introducing-tls-maturity-model
— Reply to this email directly or view it on GitHub https://github.com/Gadreel/divconq/issues/157#issuecomment-147078138.
-- Jonathan Lampe, CFTP http://www.cftpcert.com, CISSP https://www.isc2.org/CISSP -- File Transfer Consulting http://www.filetransferconsulting.com, LLC -- 920-248-0656 - jlampe@filetransferconsulting.com - @ftexperts https://twitter.com/ftexperts
"Are you a Certified File Transfer Professional (CFTP) http://www.cftpcert.com yet?"
Partly (cynically speaking) it is something to talk about at conferences:
https://community.qualys.com/blogs/securitylabs/2015/10/09/implementing-the-tls-maturity-model
But I think the point is having an organization wide commitment to TLS 1.2+ so this applies probably to larger businesses. I just wanted a note about that model as I think about security issues.
review:
https://community.qualys.com/blogs/securitylabs/2015/09/16/blindelephant--then-and-now