External posture snapshot

google.com

completed

CyberFurl completed this security preview for google.com. Email authenticity is strongest right now, while Malware intelligence needs the most attention.

Unified external risk score across DNS, email, web, malware, breach exposure, and technical readiness signals.

Check another domain

Latest report

Ready to share

4/27/2026, 8:44:08 AM

Coverage

7/7 stages

100% collected

Leading signal

Email authenticity

92/A

Priority area

Malware intelligence

86/B+

Immediate priority

DNS settings need attention

DNSSEC is not enabled.

Email the full report to get the DNS fix checklist.

Unified score

Latest saved external posture

4/27/2026, 8:44:08 AM

86Combined scoreGrade B+

Current posture3 issues need review

Strongest signalEmail authenticity 92/A

Risk levelMedium

Board brief

What matters now

Strongest area

Email authenticity 92/A

SPF sender policy enforcement

Needs attention

Malware intelligence 86/B+

DNSSEC is not enabled.

Recommended next step

SPF sender policy enforcement

Get the full emailed report for the detailed fixes and a stakeholder-ready summary.

Executive summary

Board-level summary

Email authenticity is currently the strongest area for google.com at 92/A, while Malware intelligence needs the most attention at 86/B+. Priority issues include DNS settings need attention and SPF sender policy enforcement. Email the report to get the full narrative and prioritized fix list.

Email the full report for the business summary, supporting context, and prioritized actions.

Strengths

Email authenticity

1 MX route Record detection does not confirm enforcement or key strength.

92

A

DNS posture

Resolver health: unknown.

90

A

Control and exposure map

Audit surface

One primary exposure, one strongest control, and the remaining stages arranged as report rows instead of equal-weight dashboard tiles.

Log in for full audit

Primary exposure

DNS posture

Completed

DNS settings need attention

90

A · low

DNSSEC

Not enabled

Resolver health: unknown.

DNSSEC

Off

Resolver health

Unknown

Strongest control

Email authenticity

1 MX route Record detection does not confirm enforcement or key strength.

92

A · low

Audit frame

Coverage

100% collected

7/7 stages

Signals

3 issues to review

3

Freshness

Ready to share externally

Checked today

Web security

Completed

Web security needs attention

88

B+ · medium

Passing checks17/19

Failed checks2

HTTPS target: https://www.google.com/

Malware intelligence

Limited detail

No active threat signal was detected

86

B+ · medium

Signals0

VerdictClean

Threat-feed telemetry and blacklist reputation were reviewed without an active hit.

Supporting evidence

Domain, infrastructure, and incident proof

Saved signals that support the scored audit without introducing another score layer.

SubdomainDiscovery

Subdomain footprint

Saved subdomain enumeration data is not available for this preview yet.

Waiting for saved evidence

Status

not collected

Saved statusnot collected

BrandAbuseWatch

Brand abuse watch

Saved typosquatting data is not available for this preview yet.

Waiting for saved evidence

Status

not collected

Saved statusnot collected

WhoisSearch

Domain registration

Saved WHOIS registration data is not available for this preview yet.

Waiting for saved evidence

Status

not collected

Saved statusnot collected

PortScan

Network exposure

Saved port exposure data is not available for this preview yet.

Waiting for saved evidence

Status

not collected

Saved statusnot collected

AccessControlValidator

Access control exposure

Saved access control findings are not available for this preview yet.

Waiting for saved evidence

Status

not collected

Saved statusnot collected

TracerouteAPI

Network route telemetry

Saved route telemetry is not available for this preview yet.

Waiting for saved evidence

Status

not collected

Saved statusnot collected

Extended coverage

Locked intelligence layers

These deeper checks are already part of the audit model and unlock in the emailed report or full workspace.

Locked signal

SSL/TLS posture

Pending

Certificate validity, protocol support, and transport hardening checks.

Certificate-chain evidence and protocol drift stay inside the full report.

Use the emailed report to share a lighter stakeholder view of transport posture.

Get details via email

Locked signal

IP intelligence

Pending

IP reputation, exposure context, and network-level asset intelligence.

Underlying asset context and enrichment stay gated inside the full workspace.

The emailed report can carry a simpler stakeholder summary of IP posture.

Get details via email

Locked signal

Vulnerability scanning

Pending

Expanded surface validation, exposure review, and deeper internet-facing checks.

Deeper vulnerability evidence and remediation sequencing stay inside the full report.

Use the full workspace for validated remediation steps and ownership guidance.

Get details via email

Locked signal

Malware and phishing detection

Completed

External threat feeds, blacklist references, and malware heuristics.

Threat-feed matches and remediation sequencing stay inside the full report.

This stage is designed to flag live reputation issues without exposing feed internals publicly.

Get details via email

Locked signal

Data breach monitoring

Skipped

Public-source incident monitoring is included. Private credential-corpus and employee-exposure intelligence expand on paid plans.

Public incident disclosures, ransomware listings, and regulatory notices can appear in this prev…

Paid plans add broader credential-corpus visibility and continuous breach alerting.

Upgrade to see breach exposure

Locked signal

Compliance assessment

Pending

Surface readiness for public-infrastructure controls across common frameworks.

Framework mapping and control-by-control gaps stay inside the workspace.

The emailed report can carry a lighter stakeholder snapshot of this stage.

Get details via email

Immediate priorities

What to address first

DNS settings need attention

DNSSEC is not enabled.

Warning

Next step

Email the full report to get the DNS fix checklist.

SPF sender policy enforcement

1 MX route Record detection does not confirm enforcement or key strength.

Warning

Next step

Email the full report to get the email authentication checklist.

Web security needs attention

HTTPS target: https://www.google.com/

Warning

Next step

Email the full report to get the web hardening checklist.

Recommended actions

How to move this forward

Fix first

SPF sender policy enforcement

Fix next

No additional recommendation surfaced in this public layer.

Requires workspace

Deeper validated remediation and evidence stay inside the full audit workspace.

Full report by email

Send the full security report

Enter your work email to receive a polished PDF for google.com with expanded findings, business context, and deeper coverage across registration, typo abuse, headers, and infrastructure signals.

Expanded findings across DNS, email, web, and registration signals

Extra context from headers, typo abuse, port exposure, and route telemetry

Shareable PDF your team can forward immediately

Included in the full report

A stakeholder-ready PDF with deeper evidence, clearer attack context, and a practical remediation path.

Premium detail

AI executive summary

Unlock the full AI narrative, business context, and attack-priority framing.

Premium detail

Detailed remediation workbook

See the full fix list, ownership hints, and step-by-step remediation guidance.

Premium detail

Deep evidence and benchmarks

Inspect the underlying evidence, control groups, and historical posture comparisons.

Upgrade to Shield Create account for full audit Log in on this URL