CheckTLS Security

CheckTLS keeps two types of data from our users: test logs and stored tests (Batches).

Information about tests you run is stored in test logs. These logs are kept for a short time and are only readable by CheckTLS staff.

Only Corporate subscribers can store information on our site. Corporate subscribers require a usercode and password to access this stored information. Each subscriber only has access to their own data.

Subscription information (usercode/password, company info) and each subscriber's own data is stored in a password protected database; this password is separate from subscriber passwords and is only known to CheckTLS staff.

All CheckTLS users only have access to web pages and web services published on the site. Only CheckTLS staff have any access to the underlying OS.

All our hosts are protected by firewalls.

The site has strict Acceptable Use and Privacy policies.

Please do not give us confidential information. Do not put the same password or password scheme in CheckTLS that you use for important things. If you feel your test targets are secret, you can use upload saved test(BatchUpload) which only stores the targets on our site for the duration of the test.

While we take security very seriously, obviously, our position is that if someone breaks into an account on CheckTLS, then all they can do is run some tests. Since most of these tests are available for free on the site anyway, the value of hacking CheckTLS is low so we hope attackers will go after more valuable targets.