Mods

turbot/net_insights

GitHub
Overview
7Dashboards
53Controls
26Queries
2Variables
GitHub
DashboardsDNS Best PracticesDNS Records ReportSSL Certificate ReportSSL/TLS Best PracticesSSL/TLS Server Configuration ReportSecurity Headers Best PracticesSecurity Headers Report
On This Page
Description
Benchmark
Tags
Get Involved
Edit on GitHub
Discuss on Slack

Dashboard: Security Headers Best Practices

Description

Security headers are HTTP response headers that define whether a set of security precautions should be activated or deactivated on the web browser. It will protect your website from some common attacks like XSS, code injection, clickjacking, etc. This benchmark performs a check for following HTTP response headers:

  • Content-Security-Policy
  • HTTP Strict-Transport-Security
  • Permissions-Policy
  • Referrer-Policy
  • X-Content-Type-Options
  • X-Frame-Options

Usage

Browse dashboards and select Security Headers Best Practices:

steampipe dashboard

Or snapshot and share results via Steampipe Cloud:

steampipe login
steampipe dashboard --share net_insights.benchmark.security_headers_best_practices

Benchmark

This dashboard is automatically generated from the following benchmark:

benchmark.security_headers_best_practices

Tags

category = Compliance
plugin = net
service = Net/HTTP
type = Benchmark