Scott Helme offers insights into web security, HTTPS adoption, and best practices for securing online services, providing articles, workshops, and security tools to help organizations protect against cyber threats. By exploring Scott Helme's curated content, developers can learn about HTTP security headers, Content Security Policy (CSP), and TLS encryption for securing web applications and APIs. Whether you're a web developer, sysadmin, or security professional, Scott Helme offers resources to enhance your cybersecurity knowledge and defend against common vulnerabilities.

Scott Helme

Security Headers is a free HTTP response header analysis tool. To get an A+ grade on Security Headers, you had to use a CSP without unsafe- inline anywhere in the policy. Because of this incredibly strict requirement, not even my own sites score an A+. I wanted to make a change that would result in more sites achieving the highest possible grade.

Can you get pwned with CSS?

<p>Thank you! thanks to this article I know the shortcomings of my website</p>


<p>Oh inline CSS styles never been so spooky!! Great example and demo to change the criteria in Security Headers.</p>
