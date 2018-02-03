Log in
E-mail
Password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
Settings
Settings
Dynamic quotes 
OFFON

4-Traders Homepage  >  Equities  >  Nasdaq  >  Qualys Inc    QLYS

QUALYS INC (QLYS)
Add to my list  
Mes dernières consult.
Most popular
Manage my lists
  Report  
SummaryQuotesChartsNewsAnalysisCalendarCompanyFinancialsConsensusRevisions 
News SummaryMost relevantAll newsSector newsTweets

Qualys : Forward Secrecy, Authenticated Encryption and ROBOT Grading Update

share with twitter share with LinkedIn share with facebook
share via e-mail
0
02/03/2018 | 03:05am CET

We are giving advance notification for following grading criteria changes applying from March 1, 2018: Not using forward secrecy, not using AEAD suites, and vulnerability to ROBOT.

Penalty for not using forward secrecy (B)

Forward secrecy (FS) also known as perfect forward secrecy (PFS), is a property of secure communication protocols in which compromises of long-term keys does not compromise past session keys. Forward secrecy protects past sessions against future compromises of private key. The very popular RSA key exchange doesn't provide forward secrecy. You need to support and prefer ECDHE suites in order to enable forward secrecy with modern web browsers.

SSL Labs will start penalizing servers that don't support forward secrecy; Grade will be capped to B. We will not penalize sites that use suites without forward secrecy provided they are never negotiated with clients that can do better.

Penalty for not using AEAD suites (B)

AEAD is the only encryption approach without any known weaknesses. The alternative, CBC encryption, is susceptible to timing attacks (as implemented in TLS). AEAD suites provide strong authentication, key exchange, forward secrecy, and encryption of at least 128 bits. TLS 1.3 supports only AEAD suites. SSL Labs doesn't currently reward the use of AEAD suites. In this grading criteria update we will start requiring AEAD suites for A.

Grade will be capped to B, if AEAD suites are not supported. As with forward secrecy, we will not penalize sites if they continue to use non-AEAD suites provided AEAD suites are negotiated with clients that support them.

We have talked about these changes in Announcing SSL Labs Grading Changes for 2017.

Penalty for ROBOT vulnerability (F)

Return Of Bleichenbacher Oracle Threat, is an attack model based on Daniel Bleichenbacher chosen-ciphertext attack. Bleichenbacher discovered an adaptive-chosen ciphertext attack against protocols using RSA, he demonstrated the ability to perform RSA private-key operations. Researchers have been able to exploit the same vulnerability with small variations to the Bleichenbacher attack.

SSL Labs will start giving 'F' grade to the servers affected by ROBOT vulnerability from February 28, 2018.

SSL Labs has started giving a warning if the site doesn't support forward secrecy and/or AEAD suites; or if the site is vulnerable to ROBOT.

Qualys Inc. published this content on 02 February 2018 and is solely responsible for the information contained herein.
Distributed by Public, unedited and unaltered, on 03 February 2018 02:04:04 UTC.

share with twitter share with LinkedIn share with facebook
share via e-mail
0
Latest news on QUALYS INC
03:05a QUALYS : Forward Secrecy, Authenticated Encryption and ROBOT Grading Update
02/02 MELTDOWN / SPECTRE : New Concerns Over Intel Patches, as Hackers Test Exploits
01/31 QUALYS : Continuous Security and Compliance Monitoring for Global IT Assets
01/31 QUALYS : California State Teachers Retirement System Sells 5,356 Shares of Qualy..
01/30 QUALYS : QLYS) Earning Somewhat Positive Press Coverage, Report Shows
01/26 MELTDOWN/SPECTRE : Intel Nixes Patches, Tech CEOs Questioned on Information Blac..
01/25 QUALYS : Cloud Suite 8.12 New Features
01/22 QUALYS : Amer Deeba Sells 2,000 Shares of Qualys Inc (QLYS) Stock
01/17 QUALYS : Meltdown / Spectre Mitigation Is a Work in Progress
01/16 QUALYS : Continuous Security & Compliance Webcast Series
More news
News from SeekingAlpha
2017 Qualys announces asset acquisition
2017 Stocks to watch next week
2017 Qualys (QLYS) Q3 2017 Results - Earnings Call Transcript
2017 Qualys up 5% after Q3 results, upside guidance, and analyst updates
2017 Qualys 2017 Q3 - Results - Earnings Call Slides
Financials ($)
Sales 2017 230 M
EBIT 2017 63,8 M
Net income 2017 46,4 M
Finance 2017 313 M
Yield 2017 -
P/E ratio 2017 53,05
P/E ratio 2018 82,35
EV / Sales 2017 9,03x
EV / Sales 2018 7,44x
Capitalization 2 389 M
Chart QUALYS INC
Duration : Period :
Qualys Inc Technical Analysis Chart | QLYS | US74758T3032 | 4-Traders
Technical analysis trends QUALYS INC
Short TermMid-TermLong Term
TrendsNeutralBullishBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus HOLD
Number of Analysts 16
Average target price 60,7 $
Spread / Average Target -3,7%
EPS Revisions
Managers
NameTitle
Philippe F. Courtot Chairman, President & Chief Executive Officer
Melissa B. Fisher CFO & Principal Accounting Officer
Mark Butler Chief Information Security Officer
Donald R. Dixon Lead Independent Director
Sandra England Bergeron Independent Director
Sector and Competitors
1st jan.Capitalization (M$)
QUALYS INC5.31%2 389
SALESFORCE.COM11.43%81 432
NUTANIX INC-9.01%5 151
CORNERSTONE ONDEMAND, INC.16.42%2 359
GTT COMMUNICATIONS INC-1.70%1 990
CLX COMMUNICATIONS AB (PUBL)-6.57%461
4-traders.com :
About :
Stay Connected :
Partners :
Copyright © 2018 Surperformance. All rights reserved.