The State of Strict Transport Security: Current Deployment and Correct Configuration

Nowadays, the topic of security has become a popular issue due to the contemporary digital society in constant development. Thus, HTTPS only is not enough in order to ensure a high security level (e.g. feeling protected while surfing the net). Therefore, a new mechanism has increased its employment: the Strict Transport Security, which enhances the security between a user agent and a server. In this thesis, it will be defined the best application of this system by observing the common settings over the internet and the reason why it is preferable declaring some directives and carry out its current deployment among the sites. Furthermore, the sites considered were tested in various scenarios and their security level was assessed in a report that was drawn up. This study, using some tools such as Puppeteer, wants to inform users about the correct configuration and gives an overview about the current deployment of this essential security mechanism.