‹ Back to Diagnose

Diagnose / detail

ACME Corp
moderate

TLS 1.0 enabled on edge firewall

Deprecated TLS negotiated for a legacy partner link; compensating control in place.

PCI-DSS →NIST CSF → Mitigating — compensating control documented

Root cause

The edge firewall still negotiates TLS 1.0 for one legacy partner integration. A compensating control is in place while the partner upgrades.

Business impact

Deprecated TLS is a PCI finding and a downgrade-attack risk. It is being mitigated, but until the partner moves, it stays on the books.

Mapped controls

NIST PR.DS-02
Fails while this gap is open
PCI R4.2
Fails while this gap is open
CIS 4.4
Fails while this gap is open