Headers
Monitor HTTP response headers and their values.
The Headers section allows you to monitor all the response headers that were sent by your web servers.
Use Cases
View which web applications are using secure response headers. Secure response headers protect users of the site by mitigating many common forms of web-based attacks, such as cross-site scripting (XSS), clickjacking, and others.
Detection
During the scanning process, we catalog all HTTP response headers that are returned when we issue queries.
Risk
Risk is assigned by verifying that critical headers are being sent by the target web application.
High (● Red): None currently.
Medium (● Yellow): Targets are missing some important headers. The headers we consider important are:
Content-Security-Policy
Strict-Transport-Security
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Low (● Green): No significant risks are associated with the headers.
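The risk rule above, applied to raw HTTP response heads, as an added example (not the product's own code). It assumes that any missing important header yields Medium; the function names and the sample responses are constructed for illustration.

```python
# Important headers, as listed on this page.
IMPORTANT = (
    "Content-Security-Policy",
    "Strict-Transport-Security",
    "X-Frame-Options",
    "X-Content-Type-Options",
    "Referrer-Policy",
)

def parse_headers(raw):
    """Parse a raw HTTP response head into {lowercased-name: [values]}."""
    headers = {}
    lines = raw.replace("\r\n", "\n").split("\n")
    for line in lines[1:]:              # skip the status line
        if not line.strip():
            break                       # a blank line ends the header block
        name, sep, value = line.partition(":")
        if not sep:
            continue                    # malformed line: ignore it
        # Header names are case-insensitive and may repeat.
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def assess(raw):
    """Return (risk, missing). Assumed rule: any important header missing -> Medium."""
    seen = parse_headers(raw)
    missing = [h for h in IMPORTANT if h.lower() not in seen]
    return ("Medium" if missing else "Low", missing)

# Constructed sample responses (not captured from a real target).
SAMPLE_WEAK = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "x-frame-options: DENY\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "\r\n"
    "<html>Referrer-Policy: text in the body is not a header</html>"
)
SAMPLE_GOOD = SAMPLE_WEAK.split("\r\n\r\n")[0] + (
    "\r\nContent-Security-Policy: default-src 'self'"
    "\r\nStrict-Transport-Security: max-age=31536000"
    "\r\nReferrer-Policy: no-referrer\r\n\r\n"
)

if __name__ == "__main__":
    for label, raw in (("weak", SAMPLE_WEAK), ("good", SAMPLE_GOOD)):
        risk, missing = assess(raw)
        print(f"{label}: {risk}; missing: {', '.join(missing) or 'none'}")
```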
Monitoring
Learn more about events at:
Pages