Security Checks Layer

Using the test associated with the Security Checks Layer (see Figure 1), you can monitor the following:

  • Is any weak protocol being used (TLS 1.0, SSL v3)?

  • Are any weak ciphers being used?

  • Is the web site susceptible to common web attacks (POODLE, BEAST, etc.) and which ones?

  • Is strict transport security (HSTS) supported?

  • Are the web sites HTTP headers configured as per best practice?

  • Are any headers that should be present missing?

  • Security Checks Layer

    Figure 1 : The list of tests associated with the Security Checks Layer