ROBOT Attack and SSL Framework
Many of you have heard already about ROBOT attack. Recently, the team of security researchers published the report and described the attack process. ROBOT attack allows adversaries to decrypt the intercepted traffic and perform MitM attacks. About 10% of Alexa Top 10 000 sites are vulnerable to ROBOT attack, but researchers warn that with minor modifications the attack can affect many more websites. Vendors of vulnerable products are currently working on updates, the list of products, their status and updates can be found at http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=144389&SearchOrder=4.
SOC Prime has released SSL Framework Advanced that can scan internal servers, reporting any detected vulnerabilities or malfunctions. It also can detect vulnerabilities that can lead to ROBOT attack. Use case available at https://ucl.socprime.com/use-case-library/info/197
The basic SSL Framework that scans only external websites is available on the Marketplace: https://marketplace.microfocus.com/arcsight/content/soc-prime-ssl-framework-arcsight
By the way, SOC Prime is nominated for several awards; please vote to support the team:
‘Fastest Growing Cybersecurity Company’: https://cybersecurity-excellence-awards.com/candidates/soc-prime
‘Best Cybersecurity Startup’: https://cybersecurity-excellence-awards.com/candidates/soc-prime-2
‘Cybersecurity Team of the Year’: https://cybersecurity-excellence-awards.com/candidates/soc-prime-team