debian-mirror-gitlab/doc/user/application_security/dast/checks/index.md
2022-01-26 12:08:38 +05:30


DAST browser-based crawler vulnerability checks (ULTIMATE)

The DAST browser-based crawler provides a number of vulnerability checks that are used to scan for vulnerabilities in the site under test.

| ID | Check | Severity | Type |
|----|-------|----------|------|
| 1004.1 | Sensitive cookie without HttpOnly attribute | Low | Passive |
| 16.1 | Missing Content-Type header | Low | Passive |
| 16.2 | Server header exposes version information | Low | Passive |
| 16.3 | X-Powered-By header exposes version information | Low | Passive |
| 16.4 | X-Backend-Server header exposes server information | Info | Passive |
| 16.5 | AspNet header exposes version information | Low | Passive |
| 16.6 | AspNetMvc header exposes version information | Low | Passive |
| 614.1 | Sensitive cookie without Secure attribute | Low | Passive |
| 693.1 | Missing X-Content-Type-Options: nosniff | Low | Passive |