Like other struggles around the world, the future of the Palestinian struggle is likely to involve a substantial ‘cyber’ component. This raises the question of whether Palestinian civil society organizations -- the presumptive vanguard of any grassroots social movement -- are taking the requisite security precautions to defend against cyberattacks. In this essay we take a first step towards answering this question by scripting a non-intrusive web scanning tool to build security telemetry for a sample of websites belonging to Palestinian think tanks, NGOs, and news agencies. Specifically, we assemble a checklist covering various aspects of website security for which there exists a wide professional consensus on best practices. We then scan each Palestinian website in our sample to see how they fare on each of these dimensions. For comparison’s sake, we also scan a sample of websites corresponding to American civil society organizations. Our findings paint a troubling picture, but one which we hope will encourage a dialogue with Palestinian civil society, and inspire further research in this increasingly relevant area.