on
28-Oct-2021
13:42
- edited on
11-May-2022
14:12
by
LiefZimmerman
The 2021 TLS Telemetry Report written by Dave Warburton with additional contributions from Sander Vinberg is now live!
The report is based on data collected by F5 Labs' own free, open-source TLS scanning tool, Cryptonice. Security teams and website operators can use this tool to evaluate the cryptographic posture of their own sites and even incorporate the tool into their DevSecOps workflows for fully automated HTTPS auditing. This year's report also includes relevant stories from the past 18 months illustrating how lapses in TLS have resulted in real-world consequences.
"The desire to intercept, weaken, and circumvent encryption has never been greater. Nation-states and cybercriminals alike are attempting to work around the problems caused by strong encryption. While this rarely results in direct attacks against cryptographic algorithms or protocols, it often leads attackers to instead think of creative ways to intercept or capture information before or after it has been encrypted. With these risks ever-present, it has never been more important to focus on strong and up-to-date HTTPS configurations, particularly when digital certificates are shared across different services."
Some highlights from this year's report include,
Check out the full 2021 TLS Telemetry Report for details and recommendations.