Request demo
Request demo
Request demo
SSH Risk Assessment

Gain visibility into your SSH key estate
& determine the risks

Discover SSH keys across your entire IT environment. Determine the risks they present to production as well as business operations. Assess compliance & improve your SSH key access management.

Contact us Get Free SSHerlock Tool

SSH Risk Assessment as a service or self-service

Risk_Assessment_picture_03

SSH Risk Assessment Service

The goal is to determine what security risks and vulnerabilities exist due to SSH keys in your IT environment and how you can meet your specific compliance requirements.

After scanning your environment, our experts analyze the results and provide you with a detailed custom report that:

  1. Discovers SSH keys in your network.
  2. Identifies privileged access management (PAM) bypass.
  3. Identifies vulnerable SSH keys that are in violation of policies and regulations.
  4. Collects relevant information to help you gain SSH compliance and pass your IT audits.
  5. Provides custom recommendations.



What's included? Contact us

Risk_Assessment_picture_02

SSHerlock: Discovery
& Audit Self-service

SSHerlock is an SSH key and post-quantum resilience discovery and audit self-service tool.

With SSHerlock you can scan your entire SSH key estate or just a few selected servers - anytime, for free.

The SSHerlock self-service helps you:

  1. Gain visibility into your SSH key estate within minutes.
  2. Discover policy and compliance violations.
  3. Identify violations of SSH connections crossing production/non-production boundaries.
  4. Prepare for IT audits by providing recommendations for remediation of violations.



What's included? Get Free SSHerlock Tool

Compare SSH Risk Assessment Service and SSHerlock Self-service

Feature SSHerlock Discovery & Audit Self-service SSH Risk Assessment Service
Discovery and analysis of SSH user keys
Discovery and analysis of SSH host keys
Discovery of SSH1 keys
SSH key trust relationship map
Reporting on SSH key algorithms, size and age
Reporting on orphan keys
Reporting on the usage of weak cryptographic algorithms
SSH server hardening (reporting on common security pitfalls: SSHv1, password authentication for root accounts, TCP tunneling, agent and X11 forwarding, etc.)
Reporting on the usage of deprecated ciphers, MACs and KEX algorithms
Access from non-production to production
Reporting on SSH key parameters
SSH key policy recommendations
SSH key security recommendations
PAM/jump host bypass -
Reporting on unused SSH key granting access -
Analysis of keys under root and other high-privilege, high-risk user accounts -
Reporting on keys granting access to forbidden locations -
Reporting on transitive trusts including privilege elevation through pivoting -
SSH IS TRUSTED BY MORE THAN 5000 LEADING COMPANIES WORLDWIDE
CUSTOMER_Western_union_white CUSTOMER_Walmart_white CUSTOMER_OCBC_white CUSTOMER_Disney_white CUSTOMER_IRS-white2 CUSTOMER_Swiss_white
network_abstract2

SSH Risk Assessment custom report includes:

  • An audit of your SSH key environment, i. e. a comprehensive overview of your current situation (servers, authorizations, keys, policies)
  • An inventory of all active (or potentially active) SSH keys in your environment
  • SSH key health analysis, e. g. key algorithms, length, and age
  • SSH key compliance analysis, e.g. against NIST, SOX, HIPAA, PCI-DSS, and SANS CIS rules
  • Root accounts analysis, e. g. privileged account violations
  • Non-production to production analysis, e. g. non-prod to prod authorizations, non-prod to prod access violations
  • Recommendations to solve and/or remediate your uncovered situation

    Learn how major corporations mitigate their SSH risks >

    Contact us
network_abstract1

SSHerlock Discovery & Audit report includes:

  • A basic audit of your SSH key environment, i. e. a simple overview of your current situation (servers, authorizations, keys, policies)
  • SSH key health analysis, e.g. key algorithms, length, and age
  • SSH key compliance analysis, e.g. against NIST, SOX, HIPAA, PCI-DSS, and SANS CIS rules
  • Root accounts analysis, e. g. privileged account violations
  • Non-production to production analysis, e. g. non-prod to prod authorizations, non-prod to prod access violations
  • Recommendations to solve and/or remediate your uncovered situation

    Get Free SSHerlock Tool

Talk to our experts about our non-invasive SSH Risk Assessment service for complex SSH environments

Thanks for submitting the form.

We at SSH secure communications between systems, automated applications, and people. We strive to build future-proof and safe communications for businesses and organizations to grow safely in the digital world.

Stay on top of the latest in cybersecurity

Be the first to know about SSH’s new solutions, product updates, new features, and other SSH news!

Thanks for submitting the form.

© Copyright SSH • 2024 • Legal