# Security Headers Analyze HTTP response headers to identify security misconfigurations. ## Tool **[SecurityHeaders.com](https://securityheaders.com/)** ### What it checks - `Strict-Transport-Security` (HSTS) - `Content-Security-Policy` (CSP) - `X-Content-Type-Options` - `X-Frame-Options` - `Referrer-Policy` - `Permissions-Policy` - `X-XSS-Protection` - And more... ### Scoring system - A+ to F grade based on header configuration - Detailed analysis with recommendations