Insights from real scan data.
Aggregate posture across the public websites scanned through SecureMonk. Each article runs against live data and refreshes daily. Current sample: 3,153 unique hosts.
The state of open source security
Open source is now the software supply chain, and the attackers know it. The numbers and the incidents (xz, polyfill.io, tj-actions, Shai-Hulud) that defined the era, and what actually reduces the risk.
State of TLS on the public web
What TLS protocol versions, cipher hygiene, and certificate algorithms look like across our sample.
Most common security-header misconfigurations
Which HTTP security headers are missing most often, and why the gap keeps persisting.
Certificate expiry and trust patterns
Validity windows, expiration risk, key-algorithm choice, and OCSP stapling adoption.