DNS Best PracticesDNS Records ReportSecurity Headers Best PracticesSecurity Headers ReportSSL Certificate ReportSSL/TLS Best PracticesSSL/TLS Server Configuration Report
Dashboard: Security Headers Report
This report answers the following questions:
- What are the raw headers for my website?
- Does my website implement common security headers:
- Content-Security-Policy
- HTTP Strict-Transport-Security
- Permissions-Policy
- Referrer-Policy
- X-Content-Type-Options
- X-Frame-Options
This dashboard contains 6 cards, 1 input and 2 tables.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-net-insightsStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Security Headers Report dashboard.
You could also snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe dashboard run net_insights.dashboard.security_headers_report --shareQueries
The dashboard uses the named queries:
- security_headers_content_security_policy_check
- security_headers_missing_headers
- security_headers_permissions_policy_check
- security_headers_raw_header_list
- security_headers_referrer_policy_check
- security_headers_strict_transport_security_check
- security_headers_x_content_type_options_check
- security_headers_x_frame_options_check