What is the security rating for ubs.com?

ubs.com has a security posture score of 78/100 (Conditional) based on 8 passive checks covering TLS, DMARC, headers, breaches, CVEs, DNS, and certificates. Scanned February 15, 2026.

ubs.com partially meets LynxRadar's threshold with 78/100. 5 passed, 2 warnings, 1 failures.

Conditional

ubs.com

Item: ubs.com
Rating: 78
Author: LynxRadar

Security posture assessment · Scanned February 15, 2026

Findings

5 · 2 · 1

Checks

8 passive

Executive Summary AI-GENERATED

ubs.com scored 78/100, meeting baseline requirements but with 2 findings that require attention. The vendor can proceed with a remediation timeline agreement.

Critical gaps in: Security Headers. Positive signals: TLS Configuration, Known Breaches, DNS Configuration all passed.

3 action items identified, including 0 critical. The issues are configuration gaps, not architectural problems. A focused remediation effort of 2–5 days could address all findings.

Action Items

Ordered by priority · 3 items

Strengthen email authentication configuration

Effort: 2–4 hours Owner: IT / DNS administrator

high

Email authentication is partially configured for ubs.com but has gaps. Actions needed: add SPF record; configure DKIM. Until DMARC enforcement is active, spoofed emails may still reach recipients.

Compliance Impact

NIST CSFPR.AC-7

Email authentication is a required access control

Remediation Steps

Add SPF record if missing: v=spf1 include:_spf.google.com -all

Configure DKIM and publish public key in DNS

Verify with: nslookup -type=txt _dmarc.ubs.com

🔒

Unlock the full remediation plan

Get detailed steps, compliance mapping, and ownership for all 3 action items. Free — just enter your work email.

No spam. We'll only contact you about this report.

✓ Report unlocked. Scroll down for full details.

Add missing security headers (X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy)

Effort: 1–2 hours Owner: Web server administrator

high

4 of 5 recommended security headers are missing on ubs.com: X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy. These headers protect against clickjacking, MIME-sniffing, and unauthorized browser feature access. Adding them is a server configuration change with no application code changes required.

Compliance Impact

PCI-DSS 4.0Req 6.4.1

Security headers are required application controls

OWASPSecure Headers

Recommended baseline for web applications

Remediation Steps

Add: X-Content-Type-Options: nosniff

Add: X-Frame-Options: DENY (or SAMEORIGIN if you use iframes)

Add: Referrer-Policy: strict-origin-when-cross-origin

Add: Permissions-Policy: camera=(), microphone=(), geolocation=()

Review certificate configuration — expires in 18 days

Effort: 1–2 hours Owner: Infrastructure / DevOps

medium

Certificate issues found for ubs.com: certificate expires in 18 days. Ensure auto-renewal is configured to prevent expiry. These are operational hygiene items, not immediate security risks.

Remediation Steps

Verify auto-renewal is configured (Let's Encrypt: certbot renew --dry-run)

Consolidate certificate issuance to 1–2 trusted CAs

Scan Findings

Security Headers

Critical

DMARC / Email Security

Warning

Certificate Hygiene

Warning

DNS Configuration

Healthy

Known Breaches

Healthy

TLS Configuration

Healthy

HSTS Header

Healthy

CVE Exposure

Healthy