V9.1 — Client Communication Security
Client Communication Security: 3 L3 requirement(s). V9.1.1: Verify that TLS is used for all client connectivity, and does not fall back to insecure or unencrypted communications. (... V9.1.2: Verify using up to date TLS testing tools that only strong cipher suites are enabled, with the strongest cipher suites s... V9.1.3: Verify that only the latest recommended versions of the TLS protocol are enabled, such as TLS 1.2 and TLS 1.3. The lates...
| Property | Value |
|---|---|
| Section | V9.1 |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-TRANS-01 | TLS 1.2+ Minimum with Configurable Version |
Source: OWASP Application Security Verification Standard 4.0.3