I'm a new customer to AGL and started using your myaccount.agl.com.au.
I decided to run a scan on your security headers to the application and noticed no configuration has been setup for your security headers.
After running both va securityheaders.com
They both return an F in the summary report which includes the following
As a customer, more concerned about the risk of using your service.
Solved Go to Answer
We've reviewed the findings of the report you've shared: The reason you're seeing these results is that 3rd party tools like the one you've used here are actually blocked from accessing details about our pages because of a security tool we use internally.
Our technical teams are aware of the headers you've mentioned and these are implemented as is appropriate to ensure security. We also perform regular penetration testing to assess vulnerabilities like these.
Thanks for taking an interest in our digital security - it's something we take very seriously.