Data protection

ELB allows insecure SSL protocols

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

An ELB security policy is using insecure and/or outdated versions of the SSL protocol. Such versions often have exploitable flaws and/or vulnerabilities, which can allow malicious actors to intercept connections and potentially even decipher encrypted text.

  • Recommended Mitigation

    Ensure that your ELB security policies always use the latest versions of the SSL protocol.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.