BACCHUS UK Academia Cyber Security Overview
What is this website?
This platform analyses the DNS, mail, and web servers operated by .ac.uk domains and tracks their compliance with common cyber security best practices.
It is not representative of any institution's cyber security posture as a whole.
Why?
Side-by-side comparisons allow IT administrators and management to visualise how their security posture compares to others in the sector, and enables quick identification of areas for improvement.
Objectives
This platform's objective is to raise awareness among IT administrators in the UK's education and research sector about the wide range of security techniques available to protect their institutions.
CAA
Enabled 4.7%
Disabled 95.3%
A Certification Authority Authorization (CAA) record provides protection against malicious actors issuing security certificates without permission.
Learn More
CSP
Enabled 1.9%
Disabled 98.1%
A Content Security Policy (CSP) protects web pages against the injection of malicious code which can result in cross-site scripting (XSS) and other attacks.
Learn More
DMARC
Reject 11.8%
Quarantine 13.5%
p=none 18.4%
Disabled 52.6%
DMARC allows email senders and receivers to determine whether or not a given message is legitimately from the sender.
Learn More
DNSSEC
Enabled 1.9%
Disabled 98.1%
DNSSEC cryptographically signs DNS records, providing a way for clients to verify that they are connecting to legitimate servers.
Learn More
HSTS
Preloaded 0.6%
includeSubDomains 12.9%
Base Domain Only 15.9%
Disabled 71.2%
HTTP Strict Transport Security (HSTS) protects website visitors by ensuring that their browsers always connect over an encrypted connection.
Learn More
SPF
-all 35.3%
~all 21.7%
Disabled 44.6%
Sender Policy Framework (SPF) is an email authentication method that helps to identify servers allowed to send email for a given domain
Learn More
| Domain | CAA | DNSSEC | CSP | HTTPS | HTTP Redirect | HSTS | security.txt | localhost | BIMI | DMARC | SPF | MTA-STS | TLS-RPT |
|---|