{"id":28481396,"url":"https://github.com/dev-sec/ssl-baseline","last_synced_at":"2025-07-04T08:04:30.598Z","repository":{"id":10946516,"uuid":"67607383","full_name":"dev-sec/ssl-baseline","owner":"dev-sec","description":"DevSec SSL/TLS Baseline - InSpec Profile","archived":false,"fork":false,"pushed_at":"2024-08-08T02:45:50.000Z","size":71,"stargazers_count":67,"open_issues_count":8,"forks_count":23,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-06-05T21:28:14.373Z","etag":null,"topics":["audit","baseline","devsec","hardening","inspec","security","ssl","tls"],"latest_commit_sha":null,"homepage":"https://dev-sec.io/baselines/ssl/","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dev-sec.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-09-07T13:08:08.000Z","updated_at":"2024-09-28T20:45:00.000Z","dependencies_parsed_at":"2023-01-11T20:15:23.967Z","dependency_job_id":null,"html_url":"https://github.com/dev-sec/ssl-baseline","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/dev-sec/ssl-baseline","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-sec%2Fssl-baseline","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-sec%2Fssl-baseline/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-sec%2Fssl-baseline/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-sec%2Fssl-baseline/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dev-sec","download_url":"https://codeload.github.com/dev-sec/ssl-baseline/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-sec%2Fssl-baseline/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263472275,"owners_count":23471811,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit","baseline","devsec","hardening","inspec","security","ssl","tls"],"created_at":"2025-06-07T20:07:17.467Z","updated_at":"2025-07-04T08:04:30.586Z","avatar_url":"https://github.com/dev-sec.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"ssl-baseline\n===================\n\nThis Compliance Profile demonstrates the use of InSpec's [SSL resource](https://www.inspec.io/docs/reference/resources/ssl/) by enforcing strong TLS configuration.\n\nThe tests are based on\n- [Mozillas TLS Guidelines](https://wiki.mozilla.org/Security/Server_Side_TLS)\n- [OWASP TLS Cheat Sheet](https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet)\n- [Cipherli.st](https://cipherli.st/)\n\n## Standalone Usage\n\nRequires [InSpec](https://github.com/chef/inspec) 1.21.0 or newer for execution:\n\n```\n$ git clone https://github.com/dev-sec/ssl-baseline\n$ inspec exec ssl-baseline\n```\n\nYou can also execute the profile directly from Github:\n\n```\n$ inspec exec https://github.com/dev-sec/ssl-baseline\n```\n\n## Covered Attacks / Weaknesses\n\n- [Return Of Bleichenbacher's Oracle Threat (ROBOT)](https://robotattack.org/)\n\n## Contributors + Kudos\n\n* Dominik Richter [arlimus](https://github.com/arlimus)\n* Christoph Hartmann [chris-rock](https://github.com/chris-rock)\n* Alex Pop [alexpop](https://github.com/alexpop)\n* Patrick Münch [atomic111](https://github.com/atomic111)\n* Christoph Kappel [supergicko](https://github.com/supergicko)\n\n## License and Author\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdev-sec%2Fssl-baseline","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdev-sec%2Fssl-baseline","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdev-sec%2Fssl-baseline/lists"}