Drata

This test is part of the <b>Strong SSL/TLS Ciphers Used </b>control that ensures all data in transit is secure and encrypted using SSL/TLS ciphers. Drata will test the strength of your SSL/TLS encryption to determine if the encryption can easily be decoded or if the data is sufficiently protected.

Company domain and product URL specified in Drata. The Drata company domain may not include the <code>http</code> or <code>https</code> protocol, or the <code>www</code> subdomain. This means Drata is testing the SSL certificate on that domain specifically.

Makes sure that the domains/urls above do not accept connections from browsers that use weak SSL/TLS ciphers.

A weak SSL/TLS cipher uses an insufficient key length for the encryption algorithm. This makes it trivial for an attacker to crack the encryption - more-so as computers and GPUs become more powerful.

There are online tools that check domains for weak ciphers. Also most modern browsers will alert if the cipher suite is not supported.

Disable weak ciphers on your web server. This will be unique to your web server tech.

<a href="https://www.cloudflare.com/learning/ssl/why-is-http-not-secure/" rel="nofollow noopener noreferrer" target="_blank">Why is HTTP not secure?</a>

<a href="https://www.smashingmagazine.com/2017/06/guide-switching-http-https/" rel="nofollow noopener noreferrer" target="_blank">Switching from HTTP to HTTPS</a>

- <a href="https://www.cloudflare.com/learning/ssl/why-is-http-not-secure/" rel="nofollow noopener noreferrer" target="_blank">Why is HTTP not secure?</a>
- <a href="https://www.ssl.com/faqs/faq-what-is-ssl/" rel="nofollow noopener noreferrer" target="_blank">What is SSL/TLS?</a>
- <a href="https://www.smashingmagazine.com/2017/06/guide-switching-http-https/" rel="nofollow noopener noreferrer" target="_blank">Switching from HTTP to HTTPS</a>

Drata makes a request to your company website to inspect its SSL configurations and determine if strong SSL/TLS ciphers are used.