How to read your Defense.com Recon Report

This guide will walk you through how to read your Defense.com Recon Report.

Written by Alan Butcher
Updated over 2 years ago

Your Defense.com Recon report provides an overview of your domain name and website configuration using publicly available information. This shows you the first things a hacker would look for when planning an attack on your systems.

Finding your Recon Report

Your Recon Report is available both on your main Defense.com Dashboard and via the navigation menu: click the Prevention icon, then Recon in the expanded menu.

Click on your domain name or the eye icon to view your report.


Report Breakdown

Your Recon Report is split into 10 categories:

Shared Hosting

This section tells you whether your website is hosted on a shared server. If you’re on shared hosting and you take card payments, you need to ensure your shared hosting provider is compliant with PCI DSS requirement 2.6.


Related Targets

This section tells you if your domain has any subdomains. You should ensure that every subdomain you have is documented in your asset inventory and appropriately secured, or else removed.


Email Blocklists

This section provides the results of searches on a range of commonly used email blocklists. If any spam has recently been sent from your domain or mail server and you end up on a blocklist, you'll need to check your logs for suspicious activity, resolve any issues found, and request removal from the blocklist to ensure your emails are received by your clients.


Email Spoofing Protection

This section tells you if your domain has measures in place such as Sender Policy Framework (SPF) to protect your domain from spoofing. This is a core part of your organisation’s defence against phishing attacks. Without it, anyone can send emails from your domain name and the recipients would be none the wiser.
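The check behind this section can be reproduced locally. The Python below is an added example, not Defense.com's code: it takes the TXT records published at a domain and reports whether an SPF record exists, how its final `all` mechanism is qualified, and whether it breaks two RFC 7208 rules (a single `v=spf1` record per domain, at most 10 DNS-querying terms). It goes slightly beyond the article, which only describes presence of SPF. The domains and records in `SAMPLE_TXT` are constructed, not real DNS data.

```python
"""Evaluate a domain's published SPF (v=spf1) TXT records.
Added example, not Defense.com code; the sample records below are constructed."""

import re

# Constructed TXT record sets keyed by made-up domain names (not real DNS data).
SAMPLE_TXT = {
    "strict.example": ["v=spf1 ip4:203.0.113.0/24 include:_spf.mail.example -all"],
    "soft.example": ["v=spf1 include:_spf.mail.example ~all"],
    "open.example": ["v=spf1 +all"],
    "noall.example": ["v=spf1 a mx"],
    "none.example": ["site-verification=abc123"],
    "dup.example": ["v=spf1 -all", "v=spf1 ~all"],
    "lookups.example": ["v=spf1 " + " ".join(f"include:s{i}.example" for i in range(11)) + " -all"],
}

# Mechanisms that cost a DNS query during evaluation (RFC 7208 section 4.6.4).
LOOKUP_MECHANISMS = {"include", "a", "mx", "ptr", "exists"}
MAX_LOOKUPS = 10

# qualifier, mechanism name, optional ":domain" or "/cidr" argument
TERM_RE = re.compile(r"([+\-~?]?)([a-z0-9]+)(?:[:/].*)?$", re.IGNORECASE)

VERDICT_BY_ALL = {
    "-": ("strict", "unlisted senders fail (-all)"),
    "~": ("soft", "unlisted senders soft-fail (~all); pair with DMARC to enforce"),
    "?": ("weak", "?all is neutral, which gives receivers nothing to act on"),
    "+": ("permissive", "+all authorises every sender; spoofing is not prevented"),
}


def evaluate_spf(txt_records):
    """Return (verdict, detail) for the TXT strings published at one domain."""
    spf = [r for r in txt_records if r.strip().lower().startswith("v=spf1")]
    if not spf:
        return "missing", "no v=spf1 record; receivers cannot verify who may send as this domain"
    if len(spf) > 1:
        return "invalid", "more than one v=spf1 record; RFC 7208 treats this as a permanent error"
    lookups = 0
    all_qualifier = None
    for term in spf[0].split()[1:]:
        if "=" in term:  # modifier (redirect=, exp=); only redirect costs a lookup
            if term.split("=", 1)[0].lower() == "redirect":
                lookups += 1
            continue
        m = TERM_RE.match(term)
        if not m:
            return "invalid", f"unparseable term {term!r}"
        qualifier, mechanism = m.group(1) or "+", m.group(2).lower()
        if mechanism in LOOKUP_MECHANISMS:
            lookups += 1
        if mechanism == "all":
            all_qualifier = qualifier
            break  # terms after 'all' are never reached
    if lookups > MAX_LOOKUPS:
        return "invalid", f"{lookups} DNS-lookup terms exceed the limit of {MAX_LOOKUPS}"
    if all_qualifier is None:
        return "weak", "no 'all' mechanism; unlisted senders get a neutral result"
    return VERDICT_BY_ALL[all_qualifier]


def audit_domains(records_by_domain):
    """Map each domain to its verdict, the shape a report table would use."""
    return {domain: evaluate_spf(records)[0] for domain, records in records_by_domain.items()}


if __name__ == "__main__":
    for domain, records in SAMPLE_TXT.items():
        verdict, detail = evaluate_spf(records)
        print(f"{domain:18} {verdict:10} {detail}")
```

To run this against a live domain you would feed `evaluate_spf` the strings returned by a TXT lookup (for example with `dnspython`); the logic itself needs no network access, which is what makes it easy to unit-test.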


Vendors

This section identifies any third-party vendors associated with your website. This is essential for security due diligence and for GDPR compliance. Vendor information is provided for the following categories:

  • SSL Cert

  • DNS

  • Email

  • Hosting

  • Registrar


SSL Cert Expiry

This section checks the expiry of your SSL certificate. Expired SSL certificates are security weaknesses that result in non-compliance with PCI DSS, ISO 27001, and GDPR.


Website Encryption

This section tells you which encryption protocols and ciphers are being used by your website. Most modern web browsers use secure ciphers by default, but leaving weak ciphers enabled on your server is still a security risk.

Knowing your web encryption standards is vital for complying with ISO 27001, GDPR, and PCI DSS.


HTTP Header Security

This section lists the HTTP security headers returned by your website.

HTTP response headers can be used to restrict web browsers from running into easily preventable vulnerabilities. Correctly configured HTTP security headers improve the security of your website and also help with ISO 27001.

The security headers tracked are:

strict-transport-security (HSTS)

Description: This header helps to protect websites against protocol downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers should only interact with it using secure HTTPS connections, and never via the insecure HTTP protocol.

Recommended value: max-age=31536000; includeSubDomains

x-frame-options (XFO)

Description: This header instructs web browsers whether your website's content can be displayed within frames on other websites.

Recommended value: sameorigin

x-xss-protection

Description: This header enables the cross-site scripting filter in your browser.

Recommended value: 1

x-content-type-options

Description: This header prevents the browser from interpreting a file as a MIME type different from the one specified in the Content-Type HTTP header (e.g. treating text/plain as text/css).

Recommended value: nosniff

content-security-policy (CSP)

Description: This header requires careful tuning and a precise definition of the policy. If enabled, CSP has a significant impact on the way browsers render pages (e.g., inline JavaScript is disabled by default and must be explicitly allowed in the policy). CSP prevents a wide range of attacks, including cross-site scripting and other cross-site injections.

Recommended value: Click here for details.
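The following Python is an added example, not part of the Recon Report or Defense.com's code. It parses the header block of a raw HTTP response and grades the five headers listed above against the recommended values given in this article (one-year HSTS with includeSubDomains, sameorigin, 1, nosniff, and a present CSP, which is flagged when it contains 'unsafe-inline' or 'unsafe-eval' since those directives undo most of its value). The response in `SAMPLE_RESPONSE` is constructed, not captured from any real site.

```python
"""Audit an HTTP response against the five security headers the Recon Report tracks.
Added example, not Defense.com code; recommended values follow the article."""

# Constructed sample: a raw HTTP/1.1 response head with several weak or missing headers.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Strict-Transport-Security: max-age=300\r\n"
    "X-Frame-Options: ALLOW-FROM https://partner.example\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'\r\n"
    "\r\n"
    "<html><body>hello</body></html>"
)

ONE_YEAR = 31536000  # seconds; the HSTS max-age the article recommends


def parse_headers(raw_response):
    """Split the header block of a raw HTTP response into a lower-cased name -> value map.
    Repeated headers are joined with ', ' so a duplicated value stays visible."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # [1:] skips the status line
        name, sep, value = line.partition(":")
        if not sep:
            continue  # not a header line
        key, value = name.strip().lower(), value.strip()
        headers[key] = f"{headers[key]}, {value}" if key in headers else value
    return headers


def check_hsts(value):
    directives = {}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"')
    try:
        max_age = int(directives.get("max-age", ""))
    except ValueError:
        return "fail: max-age missing or not a number"
    if max_age < ONE_YEAR:
        return f"weak: max-age={max_age} is below the recommended {ONE_YEAR}"
    if "includesubdomains" not in directives:
        return "weak: includeSubDomains missing"
    return "ok"


def check_xfo(value):
    # 'deny' is stricter than the recommended 'sameorigin' and is accepted as well.
    if value.strip().lower() in ("sameorigin", "deny"):
        return "ok"
    return f"fail: expected sameorigin, got {value!r}"


def check_xss(value):
    return "ok" if value.strip().startswith("1") else f"fail: expected 1, got {value!r}"


def check_nosniff(value):
    return "ok" if value.strip().lower() == "nosniff" else f"fail: expected nosniff, got {value!r}"


def check_csp(value):
    # A policy can only be judged against the site; flag the directives that usually undo it.
    lowered = value.lower()
    if "'unsafe-inline'" in lowered or "'unsafe-eval'" in lowered:
        return "weak: policy allows unsafe-inline or unsafe-eval; review the policy"
    return "present: review the policy against your site"


CHECKS = {
    "strict-transport-security": check_hsts,
    "x-frame-options": check_xfo,
    "x-xss-protection": check_xss,
    "x-content-type-options": check_nosniff,
    "content-security-policy": check_csp,
}


def audit_headers(headers):
    """Return {header-name: status} for the five tracked headers."""
    return {name: (check(headers[name]) if name in headers else "missing")
            for name, check in CHECKS.items()}


def audit_response(raw_response):
    return audit_headers(parse_headers(raw_response))


if __name__ == "__main__":
    for name, status in audit_response(SAMPLE_RESPONSE).items():
        print(f"{name:28} {status}")
```

Header names are matched case-insensitively, as HTTP requires, so `Strict-Transport-Security` and `strict-transport-security` are treated alike; the values are compared after stripping whitespace so the stray space in a header such as `max-age=31536000 ; includeSubDomains` does not cause a false failure.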


Open Services

This section tells you if you have any other services running on the same server as your website. Security best practice is to limit the number of services on a single server.

Knowing your open services helps comply with PCI DSS Requirements, ISO 27001, and GDPR.


Website Technologies

This section tells you which third-party libraries and technologies are used on your website. The latest versions are given where applicable, to help remind you to keep your software up to date with the latest security patches.
