Run a single cloud scan

Enable deep scan (Optional)

A deep scan includes the cipher suite scan, HTTP header scan, and TLS/SSL protocols (SSLv3, SSLv2, TLSv1.1, and TLSv1.0) used for the handshake. It also includes the default TLS/SSL protocols (TLSv1.2 or higher).

Note: If a deep scan is enabled, it increases the scan time by several minutes.

Scan critical TLS/SSL server issues (Optional)

Enable this scan to discover critical TLS/SSL server issues such as Heartbleed, Poodle (SSLv3), FREAK, Logjam, DROWN, RC4, and POODLE (TLS).

For more information about these TLS/SSL issues, see TLS/SSL endpoint vulnerabilities.

Ports

Cloud scan only supports port 443 to scan your network for TLS/SSL certificates.

IP/FQDN to scan

Currently, cloud scan supports only IPv4 scanning.

IncludeEnter the public-facing FQDNs and IP addresses you want to include in the scan. Select Include.

Include an FQDN (example.com), a single IP address (10.0.0.1), a range of IP addresses (10.0.0.1-10.0.0.255), or an IP range in CIDR format (10.0.0.0/24).

ExcludeEnter the public IP address you want to exclude from a range of IP addresses. Select Exclude.

Exclude a single IP address (10.0.0.1) or a range of IP addresses (10.0.0.1-10.0.0.255), or an IP range in CIDR format (10.0.0.0/24).

Import from CSVTo import a CSV file containing a list of public FQDNs and IP addresses you want to scan, select Import from CSV.