The main feature of Track web security compliance is a table that reports how federal government websites and web services are meeting good web security practices. Each column reports compliance with a section of the ITPIN 2018-01 direction. They include:

  • ITPIN compliant
  • Enforces HTTPS
  • HSTS
  • Free of known-weak protocols and ciphers
  • Uses approved certificates

View by organization or domain

Users can filter the table structured by organization or domain, allowing exploration of compliance statistics of domains or by department.


Users can search for an individual department or agency when on the organization view of the table, and can search for an individual domain when on the domain view of the table.


The table columns are sortable to rank compliance levels across departments or domains.

Data download

CSV downloads are available for the entire domain list or can be filtered to a specific top-level domain.

Overall metrics

The overall percentage of Government of Canada domains that enforce HTTPS is displayed on the home page.