AI Security Assessment
This is an example of the AI-powered risk assessment available to Professional tier subscribers. Your actual report will analyse your specific domain.
example-corp.com
Scanned 28 April 2026 | Financial Services
Executive Summary
example-corp.com is currently quantum-vulnerable. The site supports TLS 1.3, which provides the foundation for post-quantum cryptography, but has not yet deployed hybrid key exchange algorithms. Additionally, legacy TLS 1.2 remains enabled, creating a potential downgrade attack vector.
As a financial services organisation, this site handles sensitive transaction data that may be subject to harvest-now-decrypt-later attacks. The DORA regulation timeline suggests remediation should be prioritised before Q4 2027.
Critical Findings (3)
No Post-Quantum Key Exchange
Impact: Sensitive data transmitted today can be stored and decrypted when quantum computers become available.
Recommendation: Deploy X25519MLKEM768 hybrid key exchange via CDN configuration or server update.
TLS 1.2 Downgrade Possible
Impact: Attackers can force connections to TLS 1.2, bypassing any future PQC deployment.
Recommendation: Disable TLS 1.2 after confirming client compatibility, or implement strict downgrade prevention.
Missing HSTS Preload
Impact: First-time visitors can be intercepted via HTTP before redirect to HTTPS.
Recommendation: Add domain to HSTS preload list and set max-age to at least 1 year.
Compliance Mapping
Art. 9 cryptographic controls require PQC roadmap
Art. 21 risk management measures not fully met
Req. 4.2.1 strong cryptography - TLS 1.2 fallback issue
No PQC key exchange detected
Prioritised Remediation Plan
Enable X25519MLKEM768 key exchange
Implement HSTS preload
Disable TLS 1.2 (after client audit)
Add Content-Security-Policy header
This is a sample report. Your actual AI assessment will analyse your specific domain, industry context, and current security posture.