« SSL Labs DROWN test implementation details | Main | Available now: The Best TLS Training in the World »

SSL Labs in 2016 and beyond

May 16, 2016

In early 2009, SSL Labs was just this idea I had, born out of frustration with having to deal with a very complex subject without good documentation and tools. I wanted something that worked for me, and didn’t really anticipate that it could become as popular as it is today. The first version launched in the summer of that same year.

I joined Qualys in 2010, not knowing that I’d stay for 6 happy and productive years. In that time, SSL Labs went from a lovely but little known site, to the popular SSL/TLS destination it is today. It’s now a de-facto standard for secure server assessment. More important, it became a place that helps you deploy your systems securely. Over the years I watched with quiet joy tens of thousands of sites improve their configuration, a process that accelerated with the rise of popularity of SSL Labs. The last time I looked at the statistics, hundreds of thousands of people were on the site monthly, usually several times.

Qualys have been fantastically supportive of my work. Even though I didn’t originally join to work on SSL Labs, the site became my primary job at the point when that was most needed. To their credit, the web site remained free and there was never any attempt or even idea to compromise on the service in any way. In fact, almost the only mention of Qualys is the logo at the top of the web site. It’s so rare to give unreservedly, without asking for anything in return.

My journey was long, but exciting. Over the years, in a quest to understand it all, I immersed myself in the ecosystem. Somewhere along the line I couldn’t resist the temptation to write another book, and Bulletproof SSL and TLS was born.

After 7 years with SSL Labs, it’s time for me to move on and pursue other projects, but my journey doesn’t end here. In fact, even though I left Qualys as an employee, I am staying on as an advisor to help SSL Labs continue to improve. After all, SSL Labs is a big part of me and I can’t leave it behind just like that.

Looking from outside, there probably won’t be many changes. I will be less active on the forums and mailing lists, but I’ll still be there. Qualys are committed as ever to continue making SSL Labs better. In fact, over the last two months I’ve been helping my colleagues Yash and Bhushan take over the development; we’re now planning the next steps together.

Qualys, thank you for a wonderful opportunity to work on what I love. It was a pleasure working with you all. Also thanks to everyone who used SSL Labs over the years and especially those who wrote in, reported problems, and asked for improvements. You helped shape SSL Labs into what it is today.

Now onto the new adventures that await in the future! I’ll see you on the net.

MY BOOK: If you like this blog post, you will love Bulletproof SSL and TLS. For system administrators, developers, and IT security professionals, this book provides a comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI and will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks. It's available now.