HomeIntelligenceBrief
BREACH BRIEF🟡 Medium ThreatIntel

Scott Helme & Troy Hunt Reveal 12% of Top‑1M Domains Still Lack HTTPS

A new scan disclosed that roughly 12 % of the top‑1 million websites still serve traffic over plain HTTP, exposing data in‑transit and creating a compliance gap for SOC 2 encryption controls.

LiveThreat™ Intelligence · 📅 July 01, 2026· 📰 troyhunt.com
🟡
Severity
Medium
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
1 sector(s)
Actions
3 recommended
📰
Source
troyhunt.com

Scott Helme & Troy Hunt Highlight Ongoing HTTPS Adoption Gaps Across the Web Ecosystem

What Happened — In the latest “Weekly Update 510,” Troy Hunt and Scott Helme released fresh scan data showing that a significant share of publicly‑facing sites still serve content over plain HTTP. Their analysis of the top‑1 million domains found ≈ 12 % without TLS, and many of those sites also lack HTTP Strict‑Transport‑Security (HSTS) headers.

Why It Matters for Compliance & Audit Readiness

  • Missing TLS violates SOC 2 CC6.1 (Encryption in transit) and can be cited as a control‑failure during an audit.
  • Continuous evidence of HTTPS enforcement is a core component of a defensible audit trail for security‑focused engagements.
  • Verisq’s Control Mapping capability lets you automatically map TLS/HSTS compliance to SOC 2 controls and capture ongoing proof for auditors.

Who Is Affected — All industries with web‑facing applications (e‑commerce, SaaS, fintech, health‑tech, etc.).

Recommended Actions

  • Inventory every public endpoint and verify TLS termination.
  • Deploy HSTS with a long max‑age and include the preload flag where appropriate.
  • Integrate a continuous‑monitoring service that flags HTTP‑only sites and logs remediation steps as audit evidence. Source: Troy Hunt Weekly Update 510

Technical Notes – The scan leveraged TLS‑Scanner (v2.3) and identified sites lacking TLS, using outdated cipher suites, or missing HSTS. No CVEs were involved; the issue is a configuration gap that leaves data in‑transit exposed to passive eavesdropping. Source: same

📰 Original Source
https://www.troyhunt.com/weekly-update-510/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →