Penetration-Test the TLS Configuration of an Edge Fleet
Overview
What this challenge is about.
Receive read-only access to a 50-node representative sample (anonymized). Scan with testssl.sh + Qualys SSL Labs (where reachable) + a custom Go tool you write to test specific issues (e.g., downgrade to TLS 1.0, weak cipher acceptance, certificate-chain trust). Categorize findings by criticality and applicability (HIPAA, PCI DSS 4.0, NIST SP 800-52 Rev. 2). Design a remediation plan that maintains TLS 1.2 compatibility for the long-tail legacy clients (around 4 percent of traffic). Deliver a 14-page audit report, the custom Go scanner, a CSV of findings per node, and a rollout plan covering the 1,800-node fleet.
The Brief
What you'll do, and what you'll demonstrate.
Audit TLS configuration across an edge fleet sample, identify HIPAA/PCI-relevant weaknesses, and produce a 1,800-node remediation plan that preserves TLS 1.2 compatibility.
Earning criteria — what you'll demonstrate
- Run a structured TLS configuration audit with multiple tools
- Map findings to HIPAA, PCI DSS 4.0, and NIST SP 800-52 requirements
- Write a custom scanner for non-standard TLS misconfigurations
- Plan a surgical remediation across a large fleet without breaking compatibility
Program Fit
Where this fits in your program.
Sharpens the same skills your degree expects you to demonstrate.
Skills
Skills you'll demonstrate.
Each one shows up on your verified credential.
Careers
Roles this prepares you for.
Real titles. Real skill bridges. Pick the one closest to your trajectory.
Career mappings coming soon.