SWEET32 Vulnerability Remediation for Elastic Fleet

Apologies if this is the wrong location to post this topic.

I've been troubleshooting a vulnerability found by our Nessus scanner on our Kibana instance. Nessus shows that the port used by our fleet on our Kibana instance supports SSL Medium Strength Cipher Suites (SWEET32, Nessus ID: 42873). I'm hoping for some guidance on where I would need to go to remediate this vulnerability by declaring which cipher suites to use.

Hi @jakechoi,

Welcome! Thanks for raising your issue. As per our security policy, do you mind contacting security@elastic.co and they can hopefully point you in the right direction?

Hope that helps!

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.