SSL Grade for Cloud

SSL Grade for Cloud is an asset-based security grade that NormShield gives to any monitored URL-type asset with SSL support. The grade follows the popular academic grading scale.

A+ is the best grade and means secure; F is the worst grade and means the most insecure. The grade is calculated from the presence of the following weighted SSL/TLS implementation and standard weaknesses:

  • Certificate And Hostname Mismatch: 25
  • SHA-1 Certificate Signature Algorithm: 3
  • SSL/TLS Compression (CRIME SSL attack): 10
  • SSL Heartbleed Vulnerability: 15
  • SSL Insecure Renegotiation: 5
  • SSL Session Resumption With Session IDs: 3
  • SSL Insecure SSLv2: 15
  • SSL Insecure SSLv3 (Poodle Attack): 15
  • SSL TLS Fallback SCSV: 5
  • SSL CCS Injection Vulnerability: 8
  • SSL Insecure Key Size: 12
  • SSL Insecure Anonymous Algorithms: 10
  • SSL FREAK Vulnerability: 10
  • SSL Insecure NULL Algorithms: 10
  • SSL Session Resumption With TLS Tickets: 3
  • SSL/TLS use of weak RC4 cipher: 6
  • SSL TLSV1_2 Support: 8
  • SSL Weak Cipher Suite (DES): 5
  • SSL Logjam Vulnerability (Weak DH Exchange): 5
  • SSL Drown Attack: 15
  • SSL Beast Attack: 10
  • SSL Breach Vulnerability: 8
  • SSL Forward Secrecy: 5

There are additional informational and warning-level items that have no weights and are therefore not listed here. Also note that most of the weaknesses listed above have different weights. The sum of the weights of the weaknesses present is subtracted from 100, which gives the total score that is mapped to the final grade according to Table 1.

| SSL Grade | Detail |
|-----------|--------|
| A+ | If the total score is equal to or bigger than 100 |
| A  | If the total score is between 93 and 99 [inclusive] |
| A- | If the total score is between 90 and 92 [inclusive] |
| B+ | If the total score is between 87 and 89 [inclusive] |
| B  | If the total score is between 83 and 86 [inclusive] |
| B- | If the total score is between 80 and 82 [inclusive] |
| C+ | If the total score is between 77 and 79 [inclusive] |
| C  | If the total score is between 73 and 76 [inclusive] |
| C- | If the total score is between 70 and 72 [inclusive] |
| D+ | If the total score is between 67 and 69 [inclusive] |
| D  | If the total score is between 63 and 66 [inclusive] |
| D- | If the total score is between 60 and 62 [inclusive] |
| F  | If the total score is between 0 and 59 [inclusive] |

Table 1 - SSL grading table
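
The scoring rule and Table 1, written out in Python as an added example (not NormShield's code), with the weights and bands copied from this article. It goes one step further and lists the fewest findings to fix to reach a target grade; the sample findings, the floor at 0 and the `fixes_to_reach` helper are assumptions of this example.

```python
# Weights and grade bands are copied from this article; the rest is illustrative.
WEIGHTS = {
    "Certificate And Hostname Mismatch": 25, "SHA-1 Certificate Signature Algorithm": 3,
    "SSL/TLS Compression (CRIME SSL attack)": 10, "SSL Heartbleed Vulnerability": 15,
    "SSL Insecure Renegotiation": 5, "SSL Session Resumption With Session IDs": 3,
    "SSL Insecure SSLv2": 15, "SSL Insecure SSLv3 (Poodle Attack)": 15,
    "SSL TLS Fallback SCSV": 5, "SSL CCS Injection Vulnerability": 8,
    "SSL Insecure Key Size": 12, "SSL Insecure Anonymous Algorithms": 10,
    "SSL FREAK Vulnerability": 10, "SSL Insecure NULL Algorithms": 10,
    "SSL Session Resumption With TLS Tickets": 3, "SSL/TLS use of weak RC4 cipher": 6,
    "SSL TLSV1_2 Support": 8, "SSL Weak Cipher Suite (DES)": 5,
    "SSL Logjam Vulnerability (Weak DH Exchange)": 5, "SSL Drown Attack": 15,
    "SSL Beast Attack": 10, "SSL Breach Vulnerability": 8,
    "SSL Forward Secrecy": 5,
}
# (lowest score in the band, grade), highest band first, per Table 1
BANDS = [(100, "A+"), (93, "A"), (90, "A-"), (87, "B+"), (83, "B"), (80, "B-"),
         (77, "C+"), (73, "C"), (70, "C-"), (67, "D+"), (63, "D"), (60, "D-"), (0, "F")]

def score(findings):
    """100 minus the summed weights of the distinct findings present."""
    unknown = set(findings) - set(WEIGHTS)
    if unknown:
        raise ValueError(f"unweighted or unknown findings: {sorted(unknown)}")
    # Assumption: floor at 0, because all weights sum to 211 and Table 1 stops at 0.
    return max(0, 100 - sum(WEIGHTS[f] for f in set(findings)))

def grade(total):
    return next(g for floor, g in BANDS if total >= floor)

def fixes_to_reach(findings, target):
    """Fix the heaviest findings first; returns (findings to fix, resulting grade)."""
    floor = next(f for f, g in BANDS if g == target)
    remaining, plan = set(findings), []
    for f in sorted(remaining, key=lambda f: (-WEIGHTS[f], f)):
        if score(remaining) >= floor:
            break
        remaining.discard(f)
        plan.append(f)
    return plan, grade(score(remaining))

# Constructed sample: findings reported for one hypothetical asset.
SAMPLE = ["SSL Insecure SSLv3 (Poodle Attack)", "SSL/TLS use of weak RC4 cipher",
          "SHA-1 Certificate Signature Algorithm", "SSL Beast Attack", "SSL Forward Secrecy"]
if __name__ == "__main__":
    print(score(SAMPLE), grade(score(SAMPLE)), fixes_to_reach(SAMPLE, "A-"))
```

Heaviest-first minimizes the number of findings to fix, not the remediation effort, which differs per finding.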
