TrustSource allows you to identify and prevent the use of broken cryptographic algorithms. This capability gives you the option to assess your portfolio for the use of particular algorithms. Prerequisite is, that you have assessed your SBOMs before. This section will introduce you to the definition of a policy. TrustSource will use these policies to identify and mark unwanted algorithms.
Define a list of unwanted algorithms
To set a Crypto Policy you will require either the Account Administrator or Security Manager role. Got to ADMINISTRATION > POLICIES and select CRYPTO POLICY.
TrustSource will show you the list of algorithms that were already put on the deny list. By using the blue button on the upper left side of the screen you will be able to add further algorithms to the list. To add a new algorithm, complete the dialogue with
- Name: select an algorithm name from the list. TrustSource offers all algorithms that it is capable of identifying. Given you need another, contact support and we will hurry to support it.
- Strength: enter the number of bits used by the algorithm. In general this is 256 or some comparable number.
- Comment: an optional field to explain why you think that this algorithm should nopt be used anymore. We recognized - not very surprisingly - that giving the reason tends to improve acceptance rate.
Finally use ADD or CAnCEL to close the dialog.
Where to find the warnings
TrustSource will flag all algorithms put on the deny list in the details views, in the corresponding cryptographic reports as well as in the compliance reports. See the corresponding sections for more details.
Comments
0 comments
Article is closed for comments.