Security Checks Layer
Using the test associated with the Security Checks Layer (see Figure 1), you can monitor the following:
-
Is any weak protocol being used (TLS 1.0, SSL v3)?
-
Are any weak ciphers being used?
-
Is the web site susceptible to common web attacks (POODLE, BEAST, etc.) and which ones?
-
Is strict transport security (HSTS) supported?
-
Are the web sites HTTP headers configured as per best practice?
-
Are any headers that should be present missing?
-
Figure 1 : The list of tests associated with the Security Checks Layer