This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

SSH Communications Security to release free assessment tool

Share this article:

SSH Communications Security has announced a free tool to scan and assess networks to provide a report on risk and compliance exposures in secure shell (SSH) environments.

Named the SSH Risk Assessor (SRA), the company claimed that it identifies an organisation's compliance status with relevant standards, assesses actions needed to achieve compliance and provides an understanding of the current state of the SSH environment.

According to the company, the free tool enables internal and external audit and security teams to collect SSH key information across the environment and provide an assessment of risk exposure. The tool highlights known vulnerabilities in the environment, basic statistics on SSH keys deployed and specific violations of current best practices.

Tatu Ylönen, CEO and founder of SSH Communications Security, told SC Magazine that the current state of SSH key management is so bad that it is currently welcoming comment on its draft document around best practice for this technology.

He said: “SRA provides an easy way for enterprises and government agencies to determine if there are risk and compliance issues with respect to who has access to what information in their SSH environment.”

He said that this will create a script to run on each server to analyse it and build a picture of the servers to let users know how many keys they have and help them build a remediation project.

“It is a free tool to show what your situation is without having to make any modifications to your systems,” he said. “It is free now to auditors and eventually we will make it free to everyone.” 

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

NCA wants security pros to become cybercrime fighters

NCA wants security pros to become cybercrime fighters

The UK's National Crime Agency is on the hunt for cyber security professionals to "join the fight against some of the world's most significant cyber criminals" on salaries ranging from ...

GCHQ head says agency was 'never involved in mass surveillance'

GCHQ head says agency was 'never involved in ...

Sir Iain Lobban says GCHQ staff "are normal decent human beings who watch EastEnders and Spooks".

Apple Mac OS criticised for sending search results to third parties

Apple Mac OS criticised for sending search results ...

Apple is under pressure to make changes to the Spotlight feature on the new Mac OS X Yosemite 10.10, which tracks location and sends data back to the firm and ...