Domain Security
Security Guides & Insights
Practical guides on DMARC, SPF, DKIM, TLS, DNS hygiene, and attack surface management for UK businesses.
- Compliance
Cybersecurity Compliance for UK SMBs: What You Actually Need
UK SMBs face a growing list of cybersecurity compliance requirements — Cyber Essentials, ICO obligations, sector-specific frameworks. This guide cuts through the noise and explains what you actually need to do.
3 May 20268 min read - Legal
Domain Security for UK Law Firms: Protecting Your Domain from Phishing and Fraud
UK law firms are prime targets for email fraud. This guide covers the domain security controls every solicitor should have in place to protect clients from phishing attacks that impersonate the firm.
2 May 20267 min read - Attack Surface
Passive vs Active Security Scanning: What Is the Difference?
Active scanning sends traffic to target systems. Passive scanning reads only publicly available data. This guide explains when each approach is appropriate, and why passive scanning is often the better starting point.
30 Apr 20266 min read - Financial Services
Email Authentication for UK Financial Services: DMARC, SPF, and DKIM
FCA-regulated firms face elevated phishing risk. This guide covers DMARC, SPF, and DKIM requirements for UK financial services firms, including FCA and PRA expectations around email security.
28 Apr 20268 min read - Security Headers
Content Security Policy: A Practical Guide for 2026
Content Security Policy is the most powerful browser security control — and the most complex to implement. This guide walks through CSP for both simple sites and Next.js/React applications.
26 Apr 20269 min read - Security Headers
HSTS Explained: HTTP Strict Transport Security for UK Web Teams
HTTP Strict Transport Security forces browsers to use HTTPS for your domain — even when users type http://. This guide explains HSTS, the preload list, and how to implement it safely.
24 Apr 20266 min read - TLS / SSL
TLS 1.3: Why It Matters and How to Enable It
TLS 1.3 is faster, more secure, and eliminates a decade of protocol baggage. This guide explains what changed, what the security benefits are, and how to enable it on common web servers and CDNs.
22 Apr 20267 min read - Tools
Free Domain Security Check Tools: A Comparison for UK Businesses
Comparing the best free domain security check tools — SSL Labs, MXToolbox, Google Admin Toolbox, Mozilla Observatory, and VP Shield — so you can choose the right one for your needs.
20 Apr 20266 min read - Compliance
Cyber Essentials and Attack Surface Scanning: What You Need to Know
Cyber Essentials certification requires evidence of controlled internet-facing exposure. This guide explains how attack surface scanning supports your Cyber Essentials preparation and annual renewal.
17 Apr 20267 min read - DNS Security
DNS Hygiene for UK SMBs: 8 Things to Check Right Now
Bad DNS configuration is the root cause of many security incidents. This checklist covers the eight DNS hygiene checks every UK small business should run — and how to fix common problems.
15 Apr 20266 min read - Email Security
How to Prevent Email Spoofing: A Technical Guide for UK Organisations
Email spoofing lets attackers forge your company domain in phishing attacks. This guide covers the technical steps — SPF, DKIM, DMARC, and MTA-STS — to close the gap completely.
12 Apr 20268 min read - DNS Security
Subdomain Takeover: The Silent Risk Hiding in Your DNS
Subdomain takeover attacks let attackers serve malicious content from your domain. Learn what causes them, which services are most vulnerable, and how to detect and prevent them.
10 Apr 20267 min read - Security Headers
HTTP Security Headers Explained: The Essential Set for 2026
A practical guide to the HTTP security headers every website should have — Content-Security-Policy, HSTS, X-Frame-Options, Referrer-Policy, and Permissions-Policy — with implementation examples.
8 Apr 20268 min read - TLS / SSL
How to Get an SSL Labs A+ Grade: A Practical Guide
Step-by-step guide to achieving an SSL Labs A+ rating. Covers TLS 1.3, cipher suites, HSTS, certificate pinning, and common misconfigurations that drag down your score.
5 Apr 20269 min read - Email Security
DMARC, SPF, and DKIM: The Complete Guide for UK Businesses
A step-by-step guide to email authentication for UK businesses. Learn how SPF, DKIM, and DMARC work together to stop email spoofing and protect your domain reputation.
3 Apr 202610 min read - Attack Surface
What Is Attack Surface Management? A Plain-English Guide for UK SMBs
Attack surface management explained without the jargon — what it is, why it matters for UK small businesses, and how a passive scan protects you without touching your systems.
1 Apr 20267 min read