2 comments

[ 5.0 ms ] story [ 14.9 ms ] thread
Hey Hacker News,

I'm Jb the CTO and co-founder of Sqreen (YC W18).

Privacy/status pages have become a standard on the web. But nothing is really made to answer to the increasing security concerns of users.

In the SaaS world, some companies integrate a detailed security page on their website, but most companies are still missing one today.

The goal of this open source security page is to change that.

It's not perfect, but we made it really simple for anyone to add it on their website.

The goal of the page is also to help developers think about security and maybe improve the status quo.

We are open to contributions → https://github.com/sqreen/security-page

You can read the full content here: https://raw.githubusercontent.com/sqreen/security-page/maste...

Thanks for this - has some useful info, and I will be implementing a couple of missing header details on my site.

But, overall the security scan gives a lot of fails, when in reality I don't think it would know this.

For example

> SQL/NoSQL injection protection

How would you know how it is handled?