Encryption Strength
| Function | Encryption |
|---|---|
| Storing TNS user account passwords | SHA-512 and the PBKDF2 function |
| Storing user and service accounts for scan credentials, as described in Credentials. | AES-256-CBC |
| Storing scan data, as described in Repositories. | None |
|
Communications between Tenable.sc and clients (Tenable.sc users). |
SSL/TLS 1.2 with the strongest encryption method supported by Tenable.sc Apache and your browser, CLI program, or API program: EECDH+AESGCM, EDH+AESGCM, AES256+EECDH, or AES256+EDH. For more information about strong encryption, see Configure SSL/TLS Strong Encryption. |
| Communications between Tenable.sc and the Tenable product registration server. | SSL/TLS 1.2 with ECDHE-RSA-AES256-GCM-SHA384 |
| Communications between Tenable.sc and the Tenable plugin update server. | SSL/TLS 1.2 with ECDHE-RSA-AES256-GCM-SHA384 |
|
Communications between Tenable.sc and:
|
SSL/TLS 1.2 with the strongest encryption method supported by Tenable.sc Apache and your browser, CLI program, or API program: ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-SHA384, or ECDHE-RSA-AES256-GCM-SHA384. |
| Synchronizations between Tenable.sc and Tenable.io for Lumin. | SSL/TLS 1.2 |