This month (April), Discovery got a new column in its report overview: Security Header Ratings!!!!

The implementation is based on Mozilla Observatory. The detailed scoring is described in their Github repo: https://github.com/mozilla/http-observatory/blob/master/httpobs/docs/scoring.md. That means we stick to Mozillas rating and scoring method.


Behind the scenes

Every scanned domain starts with a base score of 100. According to Mozillas scoring method points are added for special configurations or subtracted if they are missing or insecure.

This generates a score which then can be mapped to a grade according to the following table:

Scoring Range Grade
100+  A+
90-99  A 
85-89  A-
80-84  B+
70-79  B 
65-69  B-
60-64  C+
50-59  C 
45-49  C-
40-44  D+
30-39  D 
25-29  D-
0-24  F 

Looks in Discovery

The new column in Discovery shows the Grade from A+ to F for every discovered domain, where a rating was possible.

Security Header Rating in Report Overview

Clicking on the grade will show the details how we measured the rating. On the details page you will see the reached score and all factors used to calculate it.

Security Header Details

On the new analysis page you can filter for websites passing and/or failing specific tests. That will help you to focus on the most important websites first.

Hope you like this new feature. As always we appreciate feedback - positive and negative ☺️