Vision.acibd.com [verified]

| Area | Status / Recommendation | |------|--------------------------| | | Verify vision.acibd.com has correct A/AAAA/CNAME records. No unnecessary subdomain takeover risks. | | SSL Certificate | Ensure valid TLS 1.2/1.3 certificate. Use Let’s Encrypt or commercial cert. | | HTTP Security Headers | Implement: Strict-Transport-Security , X-Content-Type-Options , X-Frame-Options , Content-Security-Policy . | | Authentication | If internal, enforce SSO or IP whitelisting. If public, implement MFA for any admin area. | | Backend Stack | Identify (Node.js, Python/Django, .NET, etc.). Patch known CVEs. | | Data Protection | Any user data stored? Encrypt at rest and in transit. |

vision.acibd.com is the service portal and API endpoint for the computer vision capabilities of ACI Insights, a core component of the ACI Sky platform. ACI, a part of the First American family of companies (NYSE: FAF), is a long-standing provider of workflow solutions for the valuation industry. The "Vision" in this context refers to the platform's ability to "see" and interpret images. This is not a public-facing website but rather a technological resource that powers the automated analysis of property photographs within appraisal reports. vision.acibd.com

Web developers often create private subdomains to test new features or redesigns before they go live on the main site. Such environments are deliberately blocked from public search engines, which is consistent with our findings. Use Let’s Encrypt or commercial cert

[Insert Date] Prepared For: ACIBD (Project “Vision”) Domain: vision.acibd.com Report Type: Internal Assessment & Recommendations If public, implement MFA for any admin area