SSL Pulse is an evaluation system that monitors SSL performance test conducted by SSL Lab. It reassures the health and parameters of website that running globally. It provides tools and documents according to health of website so the user may raise the security as well as the SSL accomplishment. SSL Pulse took a survey about 2million website. SSL Pulse is an online dashboard that analyzes the quality of SSL. The Trustworthy Internet Movement a nonprofit project had revealed its first project which called “SSL Pulse”. It was driven in Feb, 2012.
The survey determined that 50% sites were secure and well managed and the rest were needed to be improved. SSL Pulse is available for anybody to assure if the site has secure seal or not. The motto of SSL Pulse is to bring cognizance about the SSL functions. Using SSL Pulse you can check any website within a minute. SSL if not properly managed than it will give user a phony identity. The results come from the survey is listed following:
- The survey discovers that nearly 72% well configured sites are found vulnerable.
- Only 12.9% sites were found secure under prescribed parameters.
- It also come across that a certificate chain was incomplete in 7.5% sites.
- There were 38.2% sites that are using lower cipher strength less than 128 bit.
- The Key used in SSL certificate was about less than 1024 bit.
- There is 31.2% site using SSL V2.0 which is unsafe.
- 11.8% of sites were utilizing renegotiating support which allows attacker to steal confidential data.
- There are 91.9% sites have not Extended Valuation Certificates (EV).
- 72.4% sites are found under BEAST attack.
There are 198,216 websites who owns valid SSL certificates, but only 99,903 websites, that deserves “A” grade. EV SSL Certificate is the complete security solution to avoid risk of BEAST attack.
The above anatomy points that SSL implementation is need to be detected by the programmer so Trustworthy Internet Movement has issued a guideline for implementation and governance of SSL which helps developers to implement and secure the website against the attacker. In current assumption there are numerous users who deal with online shopping and the only fidelity of user is SSL and if the survey outcomes with such results than it will be not untimely to tell you user that you and your monetary details are not safe. So for an E-commerce company desires to heighten its profit and bank of their customers than it should be absolved SSL Pulse assessment.