Our cryptography service discovery site discovery.cryptosense.com detects servers under a given domain name and runs SSH and TLS scanners against each of them. The results are checked against best practices carefully defined by Cryptosense. You can also choose to check your results against other widely known standards: ECRYPT and NIST.
Cryptosense Discovery now provides a new standard, “ANSSI”, based on the recent new version of the security recommendations for TLS by ANSSI, the French government cybersecurity agency.
Why would I care about recommendations from ANSSI?
Broadly speaking, ANSSI is the French equivalent of NIST, and their recommendations are usually meant for French OIVs (Opérateur d’importance vitale – companies and agencies considered vital for the French economy and the security of the state), and anyone who wants to supply technology to the French government.
However, even if you are outside those categories, the ANSSI have real experience of state-level actor attack capabilities, so it’s interesting to see what they recommend.Continue reading