Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature request] Policy Scan Mode #2521

Open
dreizehnutters opened this issue Jul 12, 2024 · 2 comments
Open

[Feature request] Policy Scan Mode #2521

dreizehnutters opened this issue Jul 12, 2024 · 2 comments
Labels
duplicate

Comments

@dreizehnutters
Copy link

Background: The tool ssh-audit provides a beneficial feature that allows scanning a target against a specified policy file. This functionality enables users to verify if the server's SSH configuration aligns with predetermined compliance standards or security best practices.

Feature request: I propose that a similar feature be integrated into testssl.sh, thus equipping it with the ability to assess if a given host adheres to defined constraints. This proposed feature could improve the tool by offering:

  • Predefined policy templates (e.g., PCI DSS, NIST, custom organizational policies) that users can select to audit against.
  • Customizable policy definition where users can specify the criteria and rules for their unique environment.
  • An automated way to ensure that SSL/TLS configurations meet specific security compliance requirements.
@dcooper16
Copy link
Contributor

See #333, #1085, #1108.

@dreizehnutters
Copy link
Author

TL;DR: its not a novel idea, but implementation is hard ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dreizehnutters @drwetter @dcooper16