Hey Hacker News,<p>I'm Jb the CTO and co-founder of Sqreen (YC W18).<p>Privacy/status pages have become a standard on the web. But nothing is really made to answer to the increasing security concerns of users.<p>In the SaaS world, some companies integrate a detailed security page on their website, but most companies are still missing one today.<p>The goal of this open source security page is to change that.<p>It's not perfect, but we made it really simple for anyone to add it on their website.<p>The goal of the page is also to help developers think about security and maybe improve the status quo.<p>We are open to contributions → <a href="https://github.com/sqreen/security-page" rel="nofollow">https://github.com/sqreen/security-page</a><p>You can read the full content here: <a href="https://raw.githubusercontent.com/sqreen/security-page/master/docs/markdown-content.md" rel="nofollow">https://raw.githubusercontent.com/sqreen/security-page/maste...</a>
Thanks for this - has some useful info, and I will be implementing a couple of missing header details on my site.<p>But, overall the security scan gives a lot of fails, when in reality I don't think it would know this.<p>For example<p>> SQL/NoSQL injection protection<p>How would you know how it is handled?