Start by discovering the extent of your Terrapin SSH risk posture
As primary experts in the Secure Shell protocol, we have developed tools that can help companies secure their networks, many of which use the SSH protocol extensively. Even if the Terrapin vulnerability’s impact is not considered to be serious for your organization, it is a reminder for organizations to take Secure Shell governance an often neglected area of governance seriously.
We can flag the servers that are vulnerable to the Terrapin attack so that you can upgrade the vulnerable servers at your own pace without wasting time on finding them. We offer an SSH Risk Assessment Service that flags the SSH servers that are vulnerable to the Terrapin attack and gives you an overview of the problem. Our professional team can then help you to upgrade them if needed.
Our risk assessment helps you also:
- Discover SSH keys, the authentication credentials in the SSH protocol, whose numbers easily reach hundreds of thousands in large IT environments.
- Find policy and compliance violations such as the use of weak cryptographic algorithms, insufficient key size, connections crossing production/non-production boundaries, etc.
- Prepare for IT audits by producing a comprehensive report on the state of your environment and providing recommendations for addressing violations.
- Prevent security control bypassing, such as PAM bypass,which isoften conducted by using SSH keys.
- Get recommended next stepson how to put keys under proper governance.
There’s also a quick start to improved SSH security posture: our SSHerlock Discovery & Audit Self-service tool. You can sign up here to get started.
And don’t forget about Universal SSH Key Manager – the most comprehensive SSH key lifecycle management software on the planet that allows customers to migrate to a completely keyless authentication model.