Skip to main content

Is cyberessentials.online a Scam? Security Check Results - ID Cyber Solutions Reviews

cyberessentials.online favicon

Is cyberessentials.online Safe? Security Analysis for ID Cyber Solutions

https://cyberessentials.online

Check if cyberessentials.online is a scam or legitimate. Free security scan and reviews.

TechnologyUnited Kingdomsmall
WordPressWooCommerceSmart Slider 3SiteOrigin PanelsZoho SalesIQ+2 more
Analyzed 10/3/2025Completed 4:02:21 PM
59
Security Score
MEDIUM RISK

AI Summary

ID Cyber Solutions operates the website cyberessentials.online, providing Cyber Essentials and Cyber Essentials Plus certification services primarily in the UK and worldwide. The company is positioned as an established and award-winning provider specializing in cybersecurity certification training and audits. Their business model focuses on online self-assessment tools, remote audits, and support services to help organizations achieve Cyber Essentials certification efficiently. The website content is professional, well-structured, and targets organizations seeking to improve their cybersecurity posture and compliance. Technically, the website is built on WordPress with WooCommerce for e-commerce functionality, enhanced by plugins such as Smart Slider 3 and SiteOrigin Panels. The site uses Zoho SalesIQ and PageSense for marketing automation and analytics, indicating a moderate level of digital maturity. Hosting and DNS are managed via Cloudflare and Gandi SAS, with HTTPS enforced and a clientTransferProhibited domain status, reflecting good domain security practices. From a security perspective, the site employs HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong, with clear privacy and cookie policies, cookie consent mechanisms, and GDPR compliance indicators. Contact information is transparent, including a physical address and phone number. However, no explicit security policy or incident response information was found. Overall, the website presents a low risk profile with strong business credibility and a good security posture. Recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and implementing a vulnerability disclosure mechanism to further enhance trust and security.

Detected Technologies

WordPressWooCommerceSmart Slider 3SiteOrigin PanelsZoho SalesIQjQueryAll in One SEO Pro

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The company is well-positioned in the cybersecurity certification market, leveraging its established reputation and award-winning status. Its competitive advantage lies in offering hassle-free, fixed-cost Cyber Essentials certification with online self-assessment and remote audits, appealing to SMEs and organizations seeking cost-effective compliance solutions. The partnership with IASME for cyber insurance adds value to their offerings. The business targets UK-based and international clients, with a clear focus on technology and cybersecurity sectors. The use of Zoho marketing tools and structured data indicates a strategic approach to customer engagement and SEO. The company appears to be small-sized but professional, with growth potential through digital channels and partnerships.

Extracted Contact Information

Marketing Intelligence Data

Phone Numbers (1)

014*******

Physical Addresses (1)

29 Eagle Street, Glasgow, G49XA, United Kingdom

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a mature security posture with mandatory HTTPS, domain transfer protection, and no visible security flaws in the content. However, the absence of DNSSEC and security headers like Content-Security-Policy or X-Frame-Options suggests room for improvement. No incident response or security policy pages were found, which could be a gap in transparency and preparedness. The use of third-party marketing and analytics tools introduces moderate user tracking but is managed with cookie consent mechanisms, supporting privacy compliance. Overall, the security posture is good but could be enhanced by adopting additional best practices and explicit security documentation.

Strategic Recommendations

Priority Actions for Security Improvement

1

Enable DNSSEC on the domain to improve DNS security and prevent spoofing.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

ID Cyber Solutions

Description:

ID Cyber Solutions are one of the most established, award winning and experienced providers of Cyber Essentials training and certification, proven to cost effectively increase your company's cyber protection and customer reassurance with minimal disruption.

Key Services:
Cyber Essentials certificationCyber Essentials Plus certificationCyber Essentials renewalOnline self-assessmentRemote auditsOnline support and tutorials
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
WordPressWooCommerceSmart Slider 3SiteOrigin PanelsZoho SalesIQjQueryAll in One SEO Pro
Frameworks:
WordPress
Platforms:
WordPress
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
80/100
Best Practices:
  • HTTPS enforced
  • Domain status clientTransferProhibited
  • No exposed sensitive data in HTML

Analytics & Tracking

Services:
Zoho PageSense
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Tracking Pixels:
Zoho SalesIQZoho PageSense
Marketing Tools:
Zoho SalesIQZoho PageSense
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:high

Key Observations

1

Website is fully accessible with no blocking or WAF challenges.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

45/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

100/100
Score
No issues found

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

65/100
Score

DMARC not enforcing

MEDIUM

DMARC policy is set to "none"

Weak DKIM Key

HIGH

DKIM selector 'mail' uses 672-bit key

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:_spf.mx.cloudflare.net ~all
DNS Lookups:1/10
Policy:~all
DKIM Selectors Found
Selector:mail(672-bit rsa)
DMARC Details
Policy:none
Aggregate Reports:e9bc21a6805f42089b494b5672cf1ab7@dmarc-reports.cloudflare.net

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

0/100
Score

Unable to retrieve SSL certificate

CRITICAL

Could not establish secure connection to retrieve certificate information

Mixed Content Detected

MEDIUM

1 resources loaded over insecure HTTP

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

80/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

DMARC Policy Set to None

LOW

DMARC is configured but not enforcing any policy

DNS Records

A Records:172.66.43.39, 172.66.40.217
AAAA Records:2606:4700:3108::ac42:28d9, 2606:4700:3108::ac42:2b27
Name Servers:
jule.ns.cloudflare.comDNS only
peyton.ns.cloudflare.comDNS only
MX Records:
6: route2.mx.cloudflare.net
40: route1.mx.cloudflare.net
74: route3.mx.cloudflare.net
SOA:Serial: 2384242318, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:82ms

SPF Analysis

SPF Record:
v=spf1 include:_spf.mx.cloudflare.net ~all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a modern WordPress CMS with WooCommerce for e-commerce capabilities, supported by popular plugins for sliders and page layout. The integration of Zoho SalesIQ and PageSense indicates advanced marketing automation and user behavior analytics. The site is mobile-optimized with responsive design and good SEO metadata, including JSON-LD structured data. Performance is moderate, with some deferred scripts and external dependencies. Hosting and DNS are managed by reputable providers, with Cloudflare DNS servers and Gandi SAS registrar. The technical setup is solid but could benefit from enhanced security headers and DNSSEC implementation to reduce attack surface.
Analyze Another Website