Dashboard: Security Headers Best Practices

Description

Security headers are HTTP response headers that define whether a set of security precautions should be activated or deactivated on the web browser. It will protect your website from some common attacks like XSS, code injection, clickjacking, etc. This benchmark performs a check for following HTTP response headers:

Content-Security-Policy
HTTP Strict-Transport-Security
Permissions-Policy
Referrer-Policy
X-Content-Type-Options
X-Frame-Options

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-net-insights

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select Security Headers Best Practices dashboard.

You could also snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe benchmark run net_insights.benchmark.security_headers_best_practices --share

Benchmark

This dashboard is automatically generated from the following benchmark:

benchmark.security_headers_best_practices

Dashboard: Security Headers Best Practices

Description

Usage

Benchmark

Tags