Encryption Strength
Tenable Security Center Director uses the following default encryption for storage and communications.
|
Function |
Encryption |
|---|---|
|
Storing TNS user account passwords |
SHA-512 and the PBKDF2 function |
|
Storing user and service accounts for scan credentials, as described in Credentials. |
AES-256-CBC |
|
Storing scan data, as described in Repositories. |
None |
|
Communications between Tenable Security Center and clients (Tenable Security Center users). |
TLS 1.2 with the strongest encryption method supported by Tenable Security Center Apache and your browser, CLI program, or API program: EECDH+AESGCM, EDH+AESGCM, AES256+EECDH, or AES256+EDH. For more information about strong encryption, see Configure SSL/TLS Strong Encryption. |
|
Communications between Tenable Security Center and the Tenable product registration server. |
TLS 1.2 with ECDHE-RSA-AES256-GCM-SHA384 |
|
Communications between Tenable Security Center and the Tenable plugin update server. |
TLS 1.2 with ECDHE-RSA-AES256-GCM-SHA384 |
|
Communications between Tenable Security Center and:
|
TLS 1.3 with the strongest encryption method supported by Tenable Security Center Apache and your browser, CLI program, or API program: ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-SHA384, or ECDHE-RSA-AES256-GCM-SHA384. |
|
Synchronizations between Tenable Security Center and Tenable Vulnerability Management for Tenable Lumin. |
TLS 1.2 |