Issue Types
- Address score-impacting CVEs in your Scorecard
- Certificate Lifetime Is Longer Than Best Practices
- Certificate Without Revocation Control
- Certificate Is Expired
- Site Does Not Use Best Practices Against Embedding of Malicious Content
- Certificate Is Revoked
- Website does not implement X-Content-Type-Options Best Practices
- Certificate Signed With Weak Algorithm
- Understanding Patching Cadence Findings
- DNS Server Accessible
- Telephony/VoIP Device Accessible
- Website References Object Storage
- SSL/TLS Service Supports Weak Protocol
- How to Implement SPF on Your Domain
- November 2022 OpenSSL 3.X vulnerability detected
- Domain advertised as ransomware victim
- List of software for End-of-Life and End of Service
- Content security policy contains broad directives
- Web application potentially vulnerable to Spring4Shell
- Ransomware infection detected
- Low-, medium-, and high-severity patching cadences analyzed
- Vulnerable Log4j issue types
- FAQ about the Log4j vulnerability
- Website uses GoDaddy TLS certificates
- Website hosted by GoDaddy's Wordpress
- Exposed Personal Information
- Resolving Malware Findings
- Issue Resolution for Exposed Subdomain
- Website Does Not Implement HSTS Best Practices
- Insecure HTTPS redirect pattern