Tag Archives: security

Slow HTTP Headers Vulnerability

During QUALYS Web Application Scanning of Oracle Fusion (Integration Layer), if one is facing the below security vulnerability, then follow the steps mentioned in the solution. ID and Name 150079 and Slow HTTP Headers Threat The web application is possibly vulnerable to “slow HTTP headers” Denial of Service (DoS) attack. This is an application-level DoS, …

Continue reading “Slow HTTP Headers Vulnerability”

Missing header Security Vulnerability

During QUALYS Web Application Scanning of User System – Oracle Fusion (Integration layer), if one is facing the below security vulnerabilities, then follow the steps mentioned in the solution. Vulnerability 1: ID and Name 150202 and Missing header: X-Content-Type-Options Threat The X-Content-Type-Options response header is not present. WAS reports missing X-Content-Type-Options header on each crawled …

Continue reading “Missing header Security Vulnerability”

Cookie Does Not Contain HTTPOnly Attribute Security Vulnerability

During QUALYS Web Application Scanning of user system like Oracle Fusion (Integration layer), if one is facing the below security vulnerability, then follow the steps mentioned in the solution. ID and Name 150123 and Cookie Does Not Contain The “HTTPOnly” Attribute Threat The cookie does not contain the “HTTPOnly” attribute. Impact Cookies without the “HTTPOnly” …

Continue reading “Cookie Does Not Contain HTTPOnly Attribute Security Vulnerability”

X-Frame-Options Header Security Vulnerability

During QUALYS Web Application Scanning of user system like Oracle Fusion (Integration layer), if one is facing the below security vulnerability, then follow the steps mentioned in the solution. ID and Name 150081 and X-Frame-Options header is not set Threat The X-Frame-Options header is not set in the HTTP response, which may lead to a …

Continue reading “X-Frame-Options Header Security Vulnerability”

Steps to Create Keystore

 How to create Keystore? In my previous blogs, I have explained the importance and usage of Keystore in Composite.xml https://soasolutions.home.blog/2019/02/11/importance-of-keystore/ Log in to Enterprise Manager using weblogic username, and it’s passwordExpand WebLogic DomainRight-click on Domain NameClick on Security and then Credentials as displayed in below screenshot Click on Create Key as shown in the below …

Continue reading “Steps to Create Keystore”

Introduction to QUALYS WAS

Introduction Qualys Web Application Scanning (WAS) is a cloud-based service providing automated crawling and testing of custom web applications to identify vulnerabilities across OWASP Top 10. Qualys WAS enables organizations to assess, track, and remediate web application vulnerabilities. Key Features • Crawling & Link Discovery: o Embedded web crawler parses HTML and some JavaScript to …

Continue reading “Introduction to QUALYS WAS”

Design a site like this with WordPress.com
Get started