In earlier times, when using TufinOS 3.x (based on CentOS) it has been possible to check which ciphers are going to be used in SSL and TLS, respectivly. After upgrading to TufinOS 4.x (based on Rocky Linux) this is no more possible. 

Tufin Support states that this is "as designed" and "it's secure": 

Tufin routinely carries security tests for each supported version. If an issue is detected by public commercial tools or with customized penetration testing - it is handled immediately. As far as we can tell, based on tests by Tufin and many of our customers, there are no vulnerable ciphers loaded and available to use in TOS.