SSL Labs unveils free open source tool, new APIs

Qualys SSL Labs now includes free assessment APIs, accompanied by a free open source tool that can be used for bulk and automated testing of websites. These new enhancements provide the same results as those obtained manually on SSL Labs, while enabling security professionals managing several websites to consolidate testing, detect changes in results and receive notifications on certificate expiration.

The new features within SSL Labs include:

Server Assessment APIs give full access to the SSL Labs server inspection functionality, allowing programmatic invocation for any number of hosts. The availability of the APIs allow system operators to integrate SSL Labs assessment with their security policies and perform frequent automated checks.

Open Source Command-Line Tool is intended for use by those who don’t wish to program against the APIs. Written in Go, it also doubles as a reference client for the APIs, providing those who wish to integrate them into other projects. The APIs have already been integrated by other open source efforts in .Net, Perl, and Ruby.

“Many organizations struggle to fully understand their exposure to various SSL/TLS security issues, due to the complexities of secure server configuration and constant change and attack disclosure in this space,” said Ivan Ristic, director of engineering, Qualys. “By offering free API access, we are enabling our users to automate website testing and regularly check their configuration in order to ensure websites are secure and protected from SSL vulnerabilities.”

Qualys is also working with domain name registrars, certification authorities, and large infrastructure providers to help verify the security of their customers. For example, the CZ Domain Registry is planning to use the new APIs to monitor the security of more than 1 million names they have in their domain space.