Submit domains for inclusion in Chrome's HTTP Strict Transport Security (HSTS) preload list.
This is a list of sites that are hardcoded into Chrome as being HTTPS only.
Performs a deep analysis of the configuration of any SSL web server on the public Internet.
https://www.ssllabs.com/ssltest/
Observatory by Mozilla helps websites by teaching developers, system administrators, and security professionals how configure their sites safely and securely.
https://observatory.mozilla.org/
CSP Evaluator allows developers and security experts to check if a Content Security Policy (CSP) serves as a strong mitigation against cross-site scripting attacks.
It assists with the process of reviewing CSP policies, which is usually a manual task, and helps identify subtle CSP bypasses which undermine the value of a policy.
https://csp-evaluator.withgoogle.com/
A quick and easy way to check if sites are using security headers like CSP and HSTS.