Sample Report Preview
portal.northstar-commerce-demo.com Cyber Risk Report
Example report. This preview shows how your findings, scores, and recommended actions would be presented.
Report Summary
Overall posture needs attention
The cybersecurity posture in this sample needs attention: the overall risk level is high, at 38. The Exposure Surface Score is critical and warrants immediate action, and the other scores point to additional areas that should be reviewed and improved.
Executive summary
This section summarizes the most important risks identified during the external scan.
- A public admin interface is still responding over a non-standard web port and should be reviewed immediately.
- Email protections are incomplete, with DMARC policy set too softly for a customer-facing business domain.
- Legacy subdomains and exposed service signals increase the attack surface visible to procurement teams and opportunistic attackers.
- The website appears reachable and operational, but missing headers and outdated stack signals lower trust in the external posture.
Credential Check
No password leaks were detected. Your credentials appear to be safe.
- Use strong, unique passwords with at least 12 characters.
- Enable 2FA on all important accounts.
- Regularly update passwords for critical accounts.
- Use a reputable password manager.
- Be cautious of phishing emails and suspicious links.
- Keep software and browsers updated.
Surface Exposure
This reflects how visible or accessible your systems are on the public internet. Imagine a storefront with too many open doors or windows.
The Exposure Surface Score reflects the potential vulnerabilities that could be exploited by attackers. A critical score indicates immediate attention is required.
- Restrict or remove unnecessary public endpoints.
- Review and tighten access to administrative services and alternate ports.
A critical Exposure Surface Score means public-facing systems need urgent review.
IP Reputation
Your IP address is like your digital business address. If it is located near or on a bad block, it could affect how others perceive your network.
The IP Reputation Score indicates the likelihood of your organization's IP addresses being associated with suspicious activity. A medium score suggests monitoring is advised.
- Continue monitoring for any changes in IP reputation.
- Review shared hosting exposure and investigate unusual outbound activity.
A medium IP Reputation Score suggests there may be minor external trust concerns to review.
Domain Health
We check the settings of your domain to evaluate risks such as easy spoofing, phishing attacks, and insufficient security measures.
The Domain Health Score measures the overall status and security of your domain. A high score means significant risk of spoofing, phishing, or misuse.
- Review DNS policy, subdomain inventory, and certificate coverage.
- Strengthen registrar and DNS account protections.
A high Domain Health Score means domain controls should be improved as soon as possible.
Assets Risk
We assess the security and update risks of digital assets such as websites, servers, and software. If not properly managed, they can be exploited by attackers.
The Asset Risk Score evaluates the risk associated with your digital assets. A medium score indicates that some systems may be outdated or unmaintained.
- Review visible framework versions and update cadence.
- Confirm ownership and maintenance of public-facing assets.
A medium Asset Risk Score means action is advised before small gaps become larger risks.
Support data
This section provides the detailed data that support the summary in the previous section. It includes scan results, identified risks, and other technical indicators.
| Name | Value |
|---|---|
| Diagnosing Company | Northstar Commerce Ltd. |
| Diagnosed Domain | portal.northstar-commerce-demo.com |
| Region | Western Europe |
| Hosting Pattern | CDN + shared cloud edge |
| Primary ISP | Shared cloud provider |
| Scan Type | External domain scan |
IP & DNS
These checks help show whether public domain and network signals suggest trust issues, spoofing risk, or weak configuration hygiene.
| Signal | Status |
|---|---|
| SPF Record | Present |
| DKIM Alignment | Partial |
| DMARC Policy | p=none |
| Suspicious Subdomains | 2 observed |
| TLS Certificate | Valid |
| Security Headers | Incomplete |
Domain ports and externally visible services
| Port | Service | Risk | Status | Description |
|---|---|---|---|---|
| 80 | HTTP | Low | Open | Standard web server response detected. |
| 443 | HTTPS | Low | Open | Primary TLS endpoint is reachable. |
| 22 | SSH | Medium | Open | Remote administration port is reachable from the public internet. |
| 8080 | HTTP-Proxy | Medium | Open | Alternate web service signal detected and should be reviewed. |
| 8443 | HTTPS-Alt | High | Open | Administrative or staging-style interface may be externally reachable. |
| 3306 | MySQL | Critical | Open | Database service appears externally reachable and should not be public. |
| 6379 | Redis | Critical | Open | In-memory data service is responding publicly and requires urgent restriction. |
| 9200 | Elasticsearch | High | Open | Search or log data endpoint is externally visible and should be reviewed. |
| 3389 | RDP | Critical | Open | Remote desktop service appears reachable from the internet and should be locked down. |
Technologies
This section shows the technologies detected during the external scan and the level of risk associated with them.
| Technology | Classification | Risk | Notes |
|---|---|---|---|
| Cloudflare | CDN / edge protection | Low | Provider-managed edge visibility and access controls should be reviewed. |
| WordPress | Content platform | Medium | Common target for plugin and admin exposure; confirm update cadence. |
| jQuery | Frontend library | Medium | Visible library signals suggest dependency review is warranted. |
| Unknown admin endpoint | Web administration | High | Externally visible management surface should be authenticated, restricted, or removed. |
Action Plan
Recommended actions are grouped by urgency so your team can see what needs attention first.
Immediate Actions
- Restrict access to the 8443 endpoint and confirm whether it is still required.
- Review shared inboxes and administrative aliases for public breach notifications or reuse risk.
- Confirm registrar, DNS, and CDN accounts are protected with MFA and named ownership.
Short-Term Actions
- Move DMARC from monitoring mode toward quarantine after validating approved senders.
- Inventory legacy subdomains and retire any staging or parked assets still resolving publicly.
- Add or harden key security headers across customer-facing pages.
Long-Term Actions
- Establish a monthly external exposure review for visible services and DNS changes.
- Adopt dependency scanning and report ownership across the public web stack.
- Document how procurement and customer-facing teams should answer security posture questions.
Provider Communications
These are the follow-up questions worth asking internal owners or service providers.
- Which public endpoints are intentionally exposed for this domain today?
- Is the 8443 service still needed in production, and who owns it?
- What is the plan to move DMARC to an enforced policy?
- Are framework and plugin updates tracked on a monthly schedule?
- Who can provide logs or change history for CDN, DNS, and administrative access?
Limitations and context
External scans provide visibility into public signals, but they do not confirm internal controls or private configuration.
- External scans cannot confirm internal patches, exact package versions, or private compensating controls.
- Some technology fingerprints are approximate and should be validated by the technical owner.
- This sample uses a fictional company and is intentionally shown with a weaker result so visitors can understand the report format.
- Scores and findings are directional and should support, not replace, deeper technical review when needed.