turbot/net_insights

Benchmark: Security Headers Best Practices

Description

Security headers are HTTP response headers that tell the web browser whether a set of security precautions should be activated or deactivated. They protect your website from some common attacks such as XSS, code injection, and clickjacking. This benchmark checks for the following HTTP response headers:

  • Content-Security-Policy
  • HTTP Strict-Transport-Security
  • Permissions-Policy
  • Referrer-Policy
  • X-Content-Type-Options
  • X-Frame-Options
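
As an added illustration (not the mod's own code or queries), the sketch below audits one set of response headers for the six headers listed above. The function name `audit_headers`, the `SAMPLE` data, and the value rules that go beyond a presence check are assumptions made for this example.

```python
# Added example: audits HTTP response headers for the six headers this
# benchmark lists. The value rules are assumptions, not the mod's controls.
import re

REQUIRED = [
    "Content-Security-Policy", "Strict-Transport-Security", "Permissions-Policy",
    "Referrer-Policy", "X-Content-Type-Options", "X-Frame-Options",
]

def _hsts_ok(value):
    # max-age=0 tells the browser to drop the HSTS policy, so treat it as off.
    m = re.search(r"max-age\s*=\s*\"?(\d+)", value, re.I)
    return bool(m) and int(m.group(1)) > 0

VALUE_RULES = {
    "strict-transport-security": _hsts_ok,
    "x-content-type-options": lambda v: v.strip().lower() == "nosniff",
    "x-frame-options": lambda v: v.strip().upper() in {"DENY", "SAMEORIGIN"},
}

def audit_headers(raw_headers):
    """Return {header: 'ok' | 'missing' | 'weak'} for a list of (name, value) pairs."""
    seen = {}
    for name, value in raw_headers:
        # Header names are case-insensitive and may repeat in one response.
        seen.setdefault(name.strip().lower(), []).append(value)
    report = {}
    for header in REQUIRED:
        values = seen.get(header.lower())
        if not values:
            report[header] = "missing"
            continue
        rule = VALUE_RULES.get(header.lower())
        report[header] = "ok" if rule is None or all(rule(v) for v in values) else "weak"
    return report

# Constructed sample response headers (not captured from a real site).
SAMPLE = [
    ("content-security-policy", "default-src 'self'"),
    ("Strict-Transport-Security", "max-age=0; includeSubDomains"),
    ("X-Content-Type-Options", "nosniff"),
    ("X-Frame-Options", "ALLOWALL"),
    ("Referrer-Policy", "strict-origin-when-cross-origin"),
]

if __name__ == "__main__":
    for header, status in audit_headers(SAMPLE).items():
        print(f"{header:28} {status}")
```

A header that is present but set to a value that disables the protection is reported as `weak`, which a presence-only check would pass.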

Usage

Browse dashboards and select Security Headers Best Practices:

steampipe dashboard

Or run the benchmarks in your terminal:

steampipe check net_insights.benchmark.security_headers_best_practices

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share net_insights.benchmark.security_headers_best_practices
