This repository has been archived by the owner on Sep 17, 2021. It is now read-only.

Security Monkey should monitor SSL Expiration Dates and Alert when appropriate #14

Closed

scriptsrc opened this issue Jul 3, 2014 · 0 comments

Labels

enhancement roadmap

Collaborator

scriptsrc commented Jul 3, 2014

The 'iamssl' technology type has a number of useful fields.

{
    "upload_date": ...
    "server_certificate_id": ...
    "server_certificate_name": ...
    "expiration": ...
    "path": "/",
    "arn": "arn:aws:iam::xxx:server-certificate/xxx"
}

Security Monkey should alert when the expiration date is almost here.

Security Monkey should compare the upload_date to the date that HeartBleed was released and alert on any certs that could have been vulnerable.

Longer term (and this will be filed as a separate enhancement issue), Security Monkey should check ciphers and perform more sslyze-type checks against all certs.

The text was updated successfully, but these errors were encountered:

scriptsrc added the enhancement label

scriptsrc added the roadmap label

scriptsrc mentioned this issue

Monitor ELB Listener Policies and IAM SSL cert size and signature algorithm #88

Merged

scriptsrc closed this as completed

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.