Security best practices?
Talk Talk Failures
Mail:
NO DKIM
NO DMARC policy
insecure SSLv3
insecure RC4-SHA cipher suite
hash algorithm that is not secure on the certificate
NO DNSSEC
NO DANE
Their website has:
NO DNSSEC
NO X-Content-Type value
NO Content-Security-Policy (CSP)
Does not offer Referrer-Policy
Does not offer an HSTS policy
Allows for client-initiated renegotiation
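
An added example, not part of the original list: a header audit a site owner could run over a captured HTTPS response to confirm the four response-header findings above are fixed. It assumes "X-Content-Type value" refers to X-Content-Type-Options; the 180-day HSTS minimum and the sample responses are chosen for the example.

```python
import re

# Headers the list above reports as absent from the website (lower-cased).
# Assumption: "X-Content-Type value" means X-Content-Type-Options.
REQUIRED = ("x-content-type-options", "content-security-policy",
            "referrer-policy", "strict-transport-security")

MIN_HSTS_AGE = 15552000  # 180 days; threshold chosen for this example


def audit_headers(raw_headers):
    """Return a sorted list of findings for one response's header block."""
    headers = {}
    for line in raw_headers.strip().splitlines():
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()

    findings = [f"missing {h}" for h in REQUIRED if h not in headers]

    # A header that is present but ineffective is reported as well.
    xcto = headers.get("x-content-type-options")
    if xcto is not None and xcto.lower() != "nosniff":
        findings.append("x-content-type-options is not 'nosniff'")

    hsts = headers.get("strict-transport-security")
    if hsts is not None:
        m = re.search(r"max-age\s*=\s*\"?(\d+)", hsts, re.I)
        if not m or int(m.group(1)) < MIN_HSTS_AGE:
            findings.append("strict-transport-security max-age too short")

    if headers.get("referrer-policy", "").lower() == "unsafe-url":
        findings.append("referrer-policy leaks full URLs cross-origin")
    return sorted(findings)


# Constructed sample responses (not captured from any real site).
BARE = "Server: example\nContent-Type: text/html\n"
WEAK = ("X-Content-Type-Options: sniff\n"
        "Content-Security-Policy: default-src 'self'\n"
        "Referrer-Policy: unsafe-url\n"
        "Strict-Transport-Security: max-age=300\n")
GOOD = ("X-Content-Type-Options: nosniff\n"
        "Content-Security-Policy: default-src 'self'\n"
        "Referrer-Policy: strict-origin-when-cross-origin\n"
        "Strict-Transport-Security: max-age=31536000; includeSubDomains\n")
```

The TLS, DNSSEC, DANE, DKIM and DMARC findings need protocol-level or DNS checks and are outside what this header audit covers.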