Security

Security resources and support.

Security grades on Project ScanGov

21st Century Integrated Digital Experience Act (IDEA)

Modernizes government websites and digital services.

Guidance

CISA Cybersecurity Performance Goals

Voluntary, high-impact security practices.

Guidance

CISA Web Security

Protect websites from cyber threats.

Guidance

Content security policy (CSP)

Controls which sites can load content.

Standard

GSA Site Scanning

Checks and tracks federal .gov websites.

Guidance

Google Search Central

Resources to improve site search rankings.

Guidance

HTTP Strict Transport Security (HSTS)

Privacy and integrity protection.

Standard

Hypertext Transfer Protocol Secure (HTTPS)

Privacy and integrity protection.

Standard

Memorandum (M-23-22)

Delivering a digital-first public experience.

Guidance

OWASP Top 10

Helps make websites and apps safer.

Guidance

RFC 9116

A file format to aid in security vulnerability disclosure.

Guidance

X-Content-Type-Options

Stops browsers from guessing content types.

Standard

security.txt

File with website security contact info.

Standard

We can help

ScanGov offers government digital experience training and support.

Learn more

Supporters

Thank you to these organizations for supporting Project ScanGov:

ScanGov

ScanGov

Government. Digital. Experience.

Get ScanGov