DAST - Weak SSL/TLS protocol check

Proposal

I would like to raise a feature request on behalf of a customer for our DAST solution to include checks for weak SSL protocols. Currently, DAST is unable to identify vulnerabilities related to Weak SSL protocols, a gap that competitors like Fortify are addressing.

We understand that our solution does not currently check for Weak SSL, but we believe this would be a valuable enhancement. Implementing this check is likely not overly complex and would significantly strengthen the security validation capabilities of our tool.

https://cwe.mitre.org/data/definitions/295.html

https://cwe.mitre.org/data/definitions/757.html

https://cwe.mitre.org/data/definitions/327.html

cc @vijaysingh1982 @tkopel @arpitgogia @samer.akkoub

Edited Dec 24, 2024 by Arpit Gogia