Summary
The latest update to the TrustKeeper scan content that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!
Content Change Highlights
SSLv3/TLSv1.0
Remediation for SSLv3 and TLSv1.0 checks has been modified to align with 30 June 2018 Secure Sockets Layer (SSL)/early Transport Layer Security (TLS) migration date. SSL and Early TLS may no longer be used as a security control for PCI DSS, except by POS POI terminals that are verified as not being susceptible to known exploits and the termination points to which they connect, as defined in PCI DSS Appendix A2. Last month (May 2018), PCI DSS was updated to v3.2.1, to reflect how the security requirements apply after the migration deadline has passed. The new guidance aligns with PCI DSS v3.2.1 and addresses usage of SSL/early TLS after the migration deadline.
Please refer to https://blog.pcisecuritystandards.org/what-happens-after-30-june-2018-new-guidance-on-use-of-ssl/early-tls- and https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf for more details.
How to Update?
All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.
