en.wikipedia.org

D+
Conditional · 68/100
Shows significant security gaps that need urgent attention. Positive signals: TLS Configuration, TLS Protocol Support, and HSTS Header all passed. 7 action items identified, including 1 critical. The issues point to real architectural gaps, not just configuration tweaks. A focused remediation effort of 2–5 days could address all findings.
Trust Score Trend
→ No change 1 scan · Last scanned February 25, 2026
Your rating Industry average
Score
100 75 50 25 0
D+
en.wikipedia.org
68/100
Compliance & Certifications
Not yet verified
GDPR
GDPR
DPA not on file
Self-reported
Pro subscribers only
CCPA
CCPA
Privacy policy not on file
Self-reported
Pro subscribers only
Incident History
None in 12 months
March 2026
ChatGPT data exposure
1 source
Resolved
Pro subscribers only
April 2023 – Feb 2026
ChatGPT data exposure
1 source
Resolved
Pro subscribers only
Security Posture
7 items need attention
8 passed
0 of 1 fixed
All 1 critical issue marked as fixed
Re-scan to confirm and update your score.
Turn on email authentication (SPF, DKIM, DMARC)
DMARC / Email Security
1–2 days

This exposes customers, partners, and employees to phishing attacks that impersonate your brand. Right now, anyone can send an email that looks like it came from [email protected] — no password or hack required. This is how the vast majority of phishing scams that impersonate a company work, and it can damage your reputation with customers even though your systems were never touched. Missing: DMARC, SPF, DKIM.

NIST CSFPR.AC-7
Email authentication is a required access control
ISO 27001A.13.2.1
Information transfer policies require email security controls
HIPAA§164.312(e)
Transmission security for electronic PHI
How to fix this
1Add an SPF record in your domain's DNS settings (check with whoever manages your website or domain registration). This is a line of text that tells other mail servers which servers are allowed to send email as you.
v=spf1 include:_spf.google.com ~all
v=DMARC1; p=quarantine; rua=mailto:[email protected]
2Not sure which value to use? Search "[your email provider] SPF record" (e.g. "Google Workspace SPF record") — every provider publishes the exact line to use.
3Turn on DKIM signing — look for "DKIM" under your email provider's admin/security settings. It will generate a record for you to paste into the same DNS settings above.
4Add a DMARC record in your domain's DNS settings (check with whoever manages your website or domain registration). This tells receiving mail servers what to do with messages that fail the checks above (start on "quarantine" — send to spam — rather than "reject", so nothing legitimate gets blocked while you're testing).
5After 2–4 weeks, check the DMARC reports for anything legitimate that got flagged, then tighten the policy from quarantine to reject.
Report unlocked.
View all 8 passed checks
TLS Configuration
TLS Protocol Support
HSTS Header
security.txt (RFC 9116)
Known Breaches
MX Records & Mail Provider
CVE Exposure
Subprocessors & Tech Stack
Company Signals
Claim profile →
Operational risk
Low
11 yrs operating. Well-funded
Lynxradar · Composite signal
Last funding
$40B
Series F · Mar 2025 · SoftBank-led
Crunchbase ↗
Employees
~3,000
+40% YoY growth
LinkedIn ↗
Trust Resources
Claim profile →
Trust Center
trust.en.wikipedia.org ↗
Security page
en.wikipedia.org/security ↗
Privacy Policy
en.wikipedia.org/privacy ↗
DPA (Data Processing Agreement)
en.wikipedia.org/dpa ↗
Updated recently
Subprocessors List
en.wikipedia.org/policies/subprocessors ↗
Similar companies in Media / Publishing
Appears in
Claim profile →
SOC 2 Type II certified vendors
847 companies · Updated weekly by LynxRadar
Track
ISO 27001 certified SaaS
312 companies · Updated weekly by LynxRadar
Track
Top AI vendors by trust score
94 companies · LynxRadar ranking
Track
Enterprise-ready SaaS · Trust score A or above
203 companies · LynxRadar ranking
Track