LiliaF
Copper Contributor
Nov 04, 2022

OpenSSL version

Can I identify OpenSSL versions using Sentinel query? What kind of data type is needed?

7 Replies

  • Dutchboy
    Copper Contributor
    If you have E5, try the TVM queries in advanced hunting; the module can be found under Softwarename.
  • GBushey
    Iron Contributor
    Take a look at the "Insecure Protocols" workbook to see if that will give you the information you need.
  • GBushey
    Iron Contributor
    What data are you looking to query? Your question is a bit open ended without knowing where the data would be coming from.
    • LiliaF
      Copper Contributor

      GBushey 

      I am looking for a way to identify OpenSSL versions for different systems. More precisely, I am trying to understand if I can find logs that show there are vulnerable OpenSSL versions, as our customer is having trouble identifying those in their reports. Is it possible to create a query in Sentinel to check on which server OpenSSL is installed and in which version?

      • GBushey
        Iron Contributor
        That would have to be done on a system-by-system basis. Without knowing what data each system is sending, it would not be possible to make this determination.
