Monitor HTTP headers for Change and Tamper in Clause 11.6.1
HTTP headers contain important security settings such as Content Security Policies (CSP), Strict Transport Security (HSTS), X-Content-Type-Options, etc. Monitor these settings proactively 24×7 and be alerted to any unauthorized changes to HTTP Headers.