Total Tests:

UK MCSS Compliance and Application Security

Developed by the UK government and the National Cyber Security Centre (NCSC), the Minimum Cyber Security
Standard (MCSS) provides a minimum set of cybersecurity measures which are mandatory
for the UK government and its departments.

UK Minimum Cyber Security Standard

UK MCSS imposes various data protection, privacy and security testing requirements on all companies that must adhere to it. Holistic visibility and inventory of digital assets, web and mobile application security are an indispensable part of UK MCSS compliance process:

Section 6 (d)

“To protect digital services, you shall:


I. Ensure the web application is not susceptible to common security vulnerabilities, such as described in the top ten Open Web Application Security Project (OWASP) vulnerabilities.


II. Ensure the underlying infrastructure is secure, including verifying that the hosting environment is maintained securely and that you have appropriately exercised your responsibilities for securely configuring the infrastructure and platform.


III. Protect data in transit using well-configured TLS v1.2.”

How We Help Ask a Question