HeaderGuard

HeaderGuard is a web app (with a lightweight CLI agent) that continuously checks your production and staging sites for security header regressions and risky edge/CDN changes. It monitors CSP, HSTS, X-Frame-Options, COOP/COEP, CORS, cookie flags, cache headers, and common reverse-proxy mistakes that quietly reintroduce XSS, clickjacking, session theft, or data leakage. Instead of a one-time scan, it runs scheduled probes from multiple regions, diffs results against a known-good baseline, and opens actionable tickets when something drifts. It also validates real browser behavior using headless checks (e.g., CSP actually blocks inline scripts) and provides copy-paste fixes tailored to popular stacks (Cloudflare, Fastly, NGINX, AWS ALB). This is not a full pentest platform; it’s a focused guardrail for the most frequently broken web hardening controls.
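The baseline diff described above can be sketched as follows. This is an added example, not HeaderGuard's own code; the function names, the finding labels and the sample responses are assumptions constructed for illustration.

```python
# Illustrative header drift check: compare an observed response to a known-good baseline.
WATCHED = ["content-security-policy", "strict-transport-security", "x-frame-options",
           "cross-origin-opener-policy", "cross-origin-embedder-policy",
           "access-control-allow-origin", "cache-control"]

def parse_csp(value):
    """Split a CSP header into {directive: set(sources)}."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            policy.setdefault(tokens[0].lower(), set()).update(tokens[1:])
    return policy

def cookie_flags(set_cookie):
    """Return (cookie name, set of lowercased attribute names) for one Set-Cookie value."""
    first, *attrs = [p.strip() for p in set_cookie.split(";")]
    return first.split("=", 1)[0], {a.split("=", 1)[0].lower() for a in attrs if a}

def diff_headers(baseline, observed):
    """Both arguments: {"headers": {name: value}, "cookies": [Set-Cookie values]}."""
    findings = []
    base = {k.lower(): v for k, v in baseline["headers"].items()}
    obs = {k.lower(): v for k, v in observed["headers"].items()}
    for name in WATCHED:
        if name in base and name not in obs:
            findings.append(("removed", name, base[name]))
        elif name == "content-security-policy" and name in base:
            old, new = parse_csp(base[name]), parse_csp(obs[name])
            for directive in sorted(old.keys() - new.keys()):
                findings.append(("csp-directive-removed", directive, ""))
            for directive in sorted(old.keys() & new.keys()):
                added = new[directive] - old[directive]
                if added:  # new sources widen what the policy allows
                    findings.append(("csp-source-added", directive, " ".join(sorted(added))))
        elif name in base and base[name] != obs[name]:
            findings.append(("changed", name, obs[name]))
    base_cookies = dict(cookie_flags(c) for c in baseline["cookies"])
    for name, flags in (cookie_flags(c) for c in observed["cookies"]):
        for flag in sorted(base_cookies.get(name, set()) - flags):
            findings.append(("cookie-flag-lost", name, flag))
    return findings

# Constructed sample data: a baseline and a response after a hypothetical edge config change.
BASELINE = {"headers": {
    "Content-Security-Policy": "default-src 'self'; script-src 'self'; frame-ancestors 'none'",
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "X-Frame-Options": "DENY"}, "cookies": ["session=abc; Secure; HttpOnly; SameSite=Lax"]}
OBSERVED = {"headers": {
    "content-security-policy": "default-src 'self'; script-src 'self' 'unsafe-inline'",
    "X-Frame-Options": "DENY"}, "cookies": ["session=xyz; HttpOnly; SameSite=Lax"]}

if __name__ == "__main__":
    for finding in diff_headers(BASELINE, OBSERVED):
        print(finding)
```

Each finding tuple is the kind of record a ticket could be opened from; a static diff like this does not replace the headless browser validation the description mentions.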
