Website Security Test of kyc.cloud.ais.th

Executive Summary for kyc.cloud.ais.th

• Web Software Security Test
  5 third-party web software dependancies were identified, including 4 outdated dependancies. No known vulnerabilities were detected. No Content Management System (CMS) was identified. The following CMS components, JS-libraries or frameworks were identified: angular, core-js, ngx-select-ex, and others. Show details.
• GDPR Compliance Test
  Potential GDPR compliance issues were identified related to Cookie Protection, Cookie Disclaimer. Show details.
• PCI DSS Compliance Test
  The website is compliant with PCI DSS Requirement 6.3, while being non-compliant with Requirement 6.4. Show details.
• HTTP Headers Security Test
  Issues were identified with key security headers: missing Strict-Transport-Security; misconfigured Content-Security-Policy. An optional HTTP header may not be properly configured: Access-Control-Allow-Origin. Deprecated HTTP headers detected: X-XSS-Protection. Show details.
• Content Security Policy (CSP) Test
  Content-Security-Policy is enforced but configuration issues were identified: directive errors, overly permissive directives. A report-only Content-Security-Policy is not present. Show details.
• Cookies Privacy and Security Test
  3 cookies detected; _csrf, XSRF-TOKEN, connect.sid have security or privacy-related configuration issues. Show details.
• External Content Security Test
  One external request detected; the request completed successfully. SRI is not used for one third-party JavaScript or CSS file. Show details.
• Protection from Data Scraping Test
  No significant anti-scraping protections were detected. Show details.
• DNSSEC Configuration Test
  DNS A record detected; DNSSEC signatures are not present. Show details.