icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Encryption Private Key Detection (PGP)

Low

Synopsis

The remote host passes information across the network in an insecure manner.

Description

The remote host has just passed a PGP encryption private key via plaintext on the network. This is a risk in that private keys should only reside on a local system and if they must be passed, they should be encrypted in transit.

Solution

Ensure that there are policies and guidelines in place that prohibit the passing of private encryption data in plaintext.