Understanding a website's security posture is essential for penetration testers, security researchers, web developers hardening their own sites, and sales teams selling security products. Security technology detection reveals WAFs (Web Application Firewalls), DDoS protection services, SSL/TLS configurations, and security headers that indicate how well a site is protected.
Web Application Firewall Detection
WAFs sit between users and the web server, filtering malicious traffic. They often reveal themselves through HTTP headers and response behavior:
- Cloudflare WAF: The `Server: cloudflare` header, `cf-ray` header, and Cloudflare-branded challenge pages when triggered
- AWS WAF: May return `x-amzn-RequestId` headers and specific 403 response pages when rules are triggered
- Sucuri: The `X-Sucuri-ID` header and `Server: Sucuri/Cloudproxy` identify their firewall service
- Imperva/Incapsula: Detected through `X-CDN: Imperva` headers and `visid_incap` cookies
Security Headers Analysis
HTTP security headers indicate a site's defensive configuration. While these are not standalone “technologies,” their presence (or absence) reveals the security awareness of the development team:
- `Strict-Transport-Security` (HSTS) — forces HTTPS connections
- `Content-Security-Policy` (CSP) — prevents XSS and injection attacks
- `X-Frame-Options` — prevents clickjacking
- `X-Content-Type-Options: nosniff` — prevents MIME-type sniffing
- `Permissions-Policy` — controls browser feature access
Sites with comprehensive security headers typically have mature security practices, while missing headers may indicate areas for improvement.
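A header that is present can still be ineffective, so an audit of your own site should check values as well as presence. The following is an added example, not WhatStack's code: it goes beyond a presence check for the five headers above, and the names `audit_security_headers`, `SAMPLE` and `MIN_HSTS_AGE` (with its 180-day threshold) are assumptions made for illustration.

```python
import re

# Constructed sample response headers, not captured from a real site.
SAMPLE = {
    "Strict-Transport-Security": "max-age=0; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
    "X-Content-Type-Options": "no-sniff",
}
MIN_HSTS_AGE = 15552000  # assumed policy threshold: 180 days in seconds


def audit_security_headers(headers, https=True):
    """Map each of the five headers to 'ok', 'missing', or a reason."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    out = {}
    # HSTS: browsers ignore it over plain HTTP; max-age=0 clears the policy.
    hsts = h.get("strict-transport-security")
    m = re.search(r'max-age\s*=\s*"?(\d+)', hsts or "", re.I)
    if hsts is None:
        out["Strict-Transport-Security"] = "missing"
    elif not https:
        out["Strict-Transport-Security"] = "ignored over HTTP"
    elif not m:
        out["Strict-Transport-Security"] = "invalid: no max-age"
    elif int(m.group(1)) < MIN_HSTS_AGE:
        out["Strict-Transport-Security"] = f"weak: max-age={m.group(1)}"
    else:
        out["Strict-Transport-Security"] = "ok"
    # CSP: collect directive names so frame-ancestors can be checked below.
    csp = h.get("content-security-policy", "")
    directives = {d.split()[0].lower() for d in csp.split(";") if d.strip()}
    out["Content-Security-Policy"] = "ok" if directives else "missing"
    # Clickjacking: X-Frame-Options or the CSP frame-ancestors directive.
    xfo = h.get("x-frame-options", "").upper()
    if xfo in ("DENY", "SAMEORIGIN") or "frame-ancestors" in directives:
        out["X-Frame-Options"] = "ok"
    else:
        out["X-Frame-Options"] = f"invalid: {xfo}" if xfo else "missing"
    # nosniff is the only defined value; anything else has no effect.
    xcto = h.get("x-content-type-options")
    out["X-Content-Type-Options"] = ("missing" if xcto is None else
        "ok" if xcto.lower() == "nosniff" else f"invalid: {xcto}")
    out["Permissions-Policy"] = "ok" if "permissions-policy" in h else "missing"
    return out


if __name__ == "__main__":
    for name, finding in audit_security_headers(SAMPLE).items():
        print(f"{name}: {finding}")
```

On the constructed sample, HSTS and `X-Content-Type-Options` are both present yet flagged, while clickjacking protection passes through the CSP `frame-ancestors` directive even though `X-Frame-Options` is absent.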
SSL/TLS Configuration
The SSL certificate and TLS configuration provide additional security intelligence. Certificate authority, expiration date, and supported TLS versions all contribute to understanding a site's security posture. Sites still supporting TLS 1.0 or 1.1 may be running outdated infrastructure. Certificate transparency logs can also reveal subdomains and related infrastructure.
Automated Security Detection
WhatStack detects WAFs, CDN-based security services, and other security technologies as part of every scan. The detection engine analyzes HTTP headers, cookies, and DNS records to identify Cloudflare, Sucuri, Imperva, AWS Shield, and other security platforms. Combined with the full technology profile, this gives you a complete picture of a site's security stack alongside its application technologies. Scan any website with the WhatStack scanner to assess its security technology landscape.