Almost a third of the world wide web’s top million sites are still not using HTTPS by default, according to infosec researcher Scott Helme’s analysis.
In his Top 1 Million Analysis, in which he runs crawlers over a guessable number of websites, Helme published his findings on a variety of common internet security technologies. Broadly, he found that most security measures were on the top – except for extended verification (EV) certificates.
On HTTPS, Helme found that 71.7 per cent of sites he scanned actively redirected his crawler to use HTTPS-encrypted connections, a figure he said had improved markedly from 57.6 per cent in September 2019.