UK security assurance & intelligence

Scan your external attack surface.

Security headersSubdomainsEmail spoofabilityOrigin exposure
Built by operators. Supported by AI.
The Brief

Today's intelligence

Risk LOW 100 KEV138 CVEs286 articles52 sources
Analyst read

Microsoft has patched the RoguePlanet zero-day in Defender and a SharePoint remote code execution flaw now flagged by NHS Digital, while the watchlist carries six critical items led by two unauthenticated Esri ArcGIS Server vulnerabilities.

StratQuad analysis · 10 July 2026 · read the full brief →
Advisory
NHS Cyber Alerts · 24h ago · CVE-2026-33112

CC-4810 - Microsoft SharePoint Remote Code Execution Vulnerability CVE-2026-33112

Organisations running SharePoint should verify whether CVE-2026-33112 affects their deployment and prioritise patching, as authenticated attackers can achieve remote code execution without additional exploitation steps.

Read at source ↗
Advisory
NCSC Feed · 23h ago

Cyber Essentials Pathways: from proof of concept to cyber confidence

Read at source ↗
Intelligence
Malwarebytes Labs · 24h ago

Microsoft fixes RoguePlanet zero-day in Defender

Read at source ↗
Intelligence
Cisco Talos Blog · 16h ago

WolfSSL, GeoVision, VTK vulnerabilities

Read at source ↗
Exploited
All CISA Advisories · 23h ago

Schneider Electric Easergy MiCOM Px40 Series

Read at source ↗
Vendor watch
Key vendor security activity over the last seven days.
Microsoft7 · 5 new

Microsoft released fixes for 336 CVEs in today's advisory batch, including CVE-2026-50656 affecting Windows Defender and CVE-2026-33112, a remote…

Google3 · 1 new

Google has released patches for three active vulnerabilities affecting your estate: CVE-2026-11645 in Chrome (exploited in the wild), CVE-2026-46242…

Also activeAmazon Web Services 2Cisco 5 +1VMware 1 +1

Get the brief at 07:00, every weekday.

The day's UK security intelligence, read and ranked so you start informed: the stories that matter, the IOCs your SIEM needs, and the actions worth taking first.

From recon to report

Every scan produces a result you can act on.

A posture score, findings graded by severity, and clear remediation guidance. On the platform, the full result exports as a PDF report.

app.stratquad.co.uk/scan/acme.co.uk
Example result
Posture score
acme.co.uk
62/ 100
Exposure48
Email security55
TLS & certs71
Headers74
FINDINGS · 18
Fix first
CRITICALAdmin panel exposed without authenticationadmin.acme.co.uk
HIGHOrigin IP exposed behind CDNdev-portal.acme.co.uk
HIGHSPF and DMARC not enforcedacme.co.uk
MEDIUMLegacy TLS 1.0 and 1.1 enabledmail.acme.co.uk
MEDIUMSecurity headers missing: CSP, HSTSwww.acme.co.uk
LOWServer version disclosed in responsewww.acme.co.uk
PDF report
External Security Report
acme.co.uk · 17 Jun 2026
Export · PDF
01

Recon

Map the external perimeter as an attacker would see it, across every host we can identify.

02

Analyse

Findings are scored and graded by severity, with clear remediation guidance for each.

03

Report

A risk assessment aligned to industry frameworks, exported as a PDF report you can hand to a client or auditor.

Multi-vector reconnaissance.

Active scanning and passive intelligence run on every scan, each source feeding a single posture score. The result is a complete picture of the external surface rather than a partial check.

Active scanning
Vulnerability detection
Template based scanning across web, network and cloud surfaces.
Web server analysis
Configuration scanning for known misconfigurations and exposures.
TLS and cipher analysis
Certificate chain validation and protocol downgrade checks.
Content discovery
URL fuzzing with response baseline fingerprinting.
Port scanning
Fast port scanning for exposed services on discovered hosts.
Passive intelligence
Certificate transparency
CT log queries for subdomain enumeration.
Subdomain discovery
Passive discovery across public DNS and archive sources.
Service enumeration
IP and domain intelligence with banner data.
Technology fingerprinting
Detected software and versions across discovered hosts.
OSINT correlation
Cross referencing across public data sources.
URL reputation
Domain reputation checks against recent scan history.
All tools run server side. No agent, no install, nothing to deploy on your infrastructure.