TLS Inspector
Verifiable IT security with flexible software tools
IT security and data protection are the key topics in electronic data transmission and affect all sectors. Unfortunately, cyber attacks and potential threats have become a reality and the methods employed by the attackers are becoming increasingly professional. Greater emphasis is therefore being placed on the value of cyber security and it can be achieved through significant investments in security and prevention technology.
Challenges associated with cyber security
Systems communicate via public networks
Important features of secure data transmission:
- Integrity – protect against manipulation of data e.g. sensor data or control signals
- Privacy – prevents the reading-in of data e.g. personal data
- Authenticity– identifies the communication partner so that no false identities are attempted
As a rule, all the above measures are necessary for secure business transactions.
TLS Checklist Inspector as a free Website-Check according to BSI specifications
achelos is now offering a free security check of your website via a web portal. The service is aimed at companies of all sizes who are interested in providing proof of a secure TLS network connection in accordance with the requirements of the checklist of the German Federal Office for Information Security (BSI).
Currently, the TLS Inspector from achelos is the only solution available on the market to easily prove compliance with the BSI standard. Within 90 seconds of entering their domain, service providers can see whether their website is configured according to the requirements of the BSI checklist based on TR-03116-4.
The test result in the web portal identifies possible vulnerabilities and provides a direct correlation with the requirements specified in the BSI checklist. Among other things, the correct configuration of certificates, cipher suites, protocols or algorithms are checked.
Especially in the current situation, a secure digital presence of your company is of crucial importance both as a signal to your customers and for your protection and that of your company data.
The first test result is visual, immediately available on screen and free of charge. Further information and detailed reports can be made available on request and is chargeable.
Link to the TLS Checklist Inspector Portal:
achelos test suites secure your network
achelos offers test tools to test your products and solutions and services, independent of the manufacturer, for security and conformity in a manufacturer-independent approach. With our TLS test suites, you can find loopholes and errors in the implementation and configuration of your network connections and as well as in the operation of your web services and systematically secure them. The test objectives are to test the complete structure of the TLS connection, all the way up to mutual authentication and reaction to incorrect behaviour, such as:
- missing or wrong parts of communication
- incorrect key material
- incorrect certificates
- unsuitable cipher suites
- incorrect reaction to manipulations
The TLS test suites from achelos can be used flexibly, all the way up to automated test runs. Extremely efficient test management and various simulation environments are available for this purpose. Implementation of the security protocols is investigated in detail and results are logged for future reference.
Protocols guarantee authenticity, integrity and confidentiality
The catalogue of test cases is continuously extended and is based on requirements from the following sources:
- Functional specifications
- Technical guidelines (TR) from the BSI
- Certifications
- Cryptographic standards
- Application notes on Common Criteria certification
- Evaluation standards
- Penetration tests
- Documentation requirements in line with Common Criteria
