logo

Database

Security

Rules

Security Rules define automated logic and checks across code, cloud, applications, and binaries. They provide a structured approach to identifying vulnerabilities, strengthening secure development practices, and aligning with compliance and risk-management standards.

Total rules

63

Targets covered

3

Mapped standards

30

DAST-1P6RS

DAST

Ssl Tls Refuses Tls1 2 Plus

0.5

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Dec 1, 2025

DAST-2AXE3

DAST

Http X Aspnet Version Info Leak

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-2OET2

DAST

Http X Frame Options Bypass Possible

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-693

Last update time: Mar 12, 2026

DAST-3CXEE

DAST

Ssl Tls X509 Uses Dangerous Wildcard

2.1

Low

Target: SSL

Technology: CERTIFICATE

CWE ID(s):

CWE-297

Last update time: Dec 1, 2025

DAST-3OT4O

DAST

Http Host Serves Jsonp Security Risk

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-5EAMP

DAST

Http X Aspnet Mvc Version Leak

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-6PXTS

DAST

Http Sensitive File Exposed

2.7

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-200

Last update time: May 8, 2026

DAST-AEEEX

DAST

Http X Backend Server Info Leak

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-AUIFM

DAST

Http Vulnerable Library From Cdn

0.6

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-1395

Last update time: Mar 11, 2026

DAST-BKLNE

DAST

Ssl Tls Server Vulnerable To Freak Attacks

0.5

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Dec 1, 2025

DAST-CI0CP

DAST

Http Unsafe Inline In Script Src

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-CNAEF

DAST

Http Directory Listing Enabled

2.7

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-200

Last update time: May 8, 2026

DAST-CTRM2

DAST

Http Ssti In Query Params

2.7

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-1336

Last update time: May 15, 2026

DAST-DBSHE

DAST

Ssl Tls Server Vulnerable To Heartbleed Attacks

0.6

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Jan 21, 2026

DAST-DETS7

DAST

Http X Permitted Cross Domain Unsafe

1.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-942

Last update time: Mar 12, 2026

DAST-DFE3R

DAST

Http Unsafe Wildcard In Directive

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-DR3AC

DAST

Http Server Header Leaks Technical Info

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-E35OD

DAST

Http X Powered By Info Leak

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-ECFP3

DAST

Ssl Tls Server Refuses Pfs Connections

0.6

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-326

Last update time: Dec 1, 2025

DAST-EI9IT

DAST

Http Sql Missing Validations Error Message

1.3

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-89

Last update time: May 6, 2026

DAST-ERI3L

DAST

Ssl Tls Certificate Expiration Not Validated

0.6

Low

Target: SSL

Technology: CERTIFICATE

CWE ID(s):

CWE-298

Last update time: Dec 1, 2025

DAST-FNEFD

DAST

Http X Content Type Not Nosniff

1.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-173

Last update time: Mar 12, 2026

DAST-FTTGI

DAST

Ssl Tls Self Signed Certificate

0.6

Low

Target: SSL

Technology: CERTIFICATE

CWE ID(s):

CWE-296

Last update time: Dec 1, 2025

DAST-HH10S

DAST

Http Basic Auth Over Http

1.3

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-319

Last update time: Mar 11, 2026

DAST-HHHHA

DAST

Http Strict Transport Low Max Age

1.2

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-319

Last update time: Mar 12, 2026

DAST-HS54S

DAST

Api Missing Authentication

2.7

Low

Target: API

Technology: HEADERS

CWE ID(s):

CWE-306

Last update time: May 8, 2026

DAST-HSRST

DAST

Http Missing Frame Ancestors Header

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-IAGSS

DAST

Dns Missing Dmarc Record

1.7

Low

Target: HTTP

Technology: DNS

CWE ID(s):

CWE-290

Last update time: Jan 6, 2026

DAST-ICTRO

DAST

Http Open Redirect In Query Params

0.5

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-601

Last update time: May 15, 2026

DAST-IICNA

DAST

Http Cookie Missing Cache Control

1.1

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-213

Last update time: Apr 14, 2026

DAST-LLEES

DAST

Ssl Tls Server Accepts Weak Cipher Methods

0.6

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Dec 1, 2025

DAST-LPRTP

DAST

Ssl Tls Server Accepts Tlsv1 1 Connections

0.5

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Dec 1, 2025

DAST-LS13N

DAST

Ssl Tls Server Accepts Sslv3 Connections

0.5

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Dec 1, 2025

DAST-NNPES

DAST

Http Missing X Content Type Options

1.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-173

Last update time: Mar 12, 2026

DAST-OEAHP

DAST

Http Host Header Injection Redirection

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-601

Last update time: Dec 1, 2025

DAST-OIOTA

DAST

Http Missing Referrer Policy Header

0.4

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-523

Last update time: Mar 11, 2026

DAST-PAPH0

DAST

Http Permissions Policy Header Missing

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-276

Last update time: Mar 12, 2026

DAST-PCAEW

DAST

Api Permissive Cors Policy

1.3

Low

Target: API

Technology: HEADERS

CWE ID(s):

CWE-942

Last update time: Apr 14, 2026

DAST-PECLO

DAST

Ssl Tls Server Accepts Tlsv1 Connections

0.6

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Dec 1, 2025

DAST-PIEPF

DAST

Http Weak Referrer Policy Value

0.4

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-523

Last update time: Mar 11, 2026

DAST-R1DRS

DAST

Http Cors Wildcard Origin

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-942

Last update time: May 15, 2026

DAST-RKFSA

DAST

Ssl Tls Fallback Scsv Not Handled Correctly

0.5

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Dec 1, 2025

DAST-RREOT

DAST

Http Path Traversal In Query Params

1.3

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-22

Last update time: May 7, 2026

DAST-RRLTS

DAST

Ssl Tls Certificate Revocation Not Checked

2.7

Low

Target: SSL

Technology: CERTIFICATE

CWE ID(s):

CWE-299

Last update time: Apr 23, 2026

DAST-RSRTI

DAST

Http Third Party Resource Without Sri

0.6

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-354

Last update time: Mar 11, 2026

DAST-RTOIH

DAST

Http Missing Object Src Attribute

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-RTRHR

DAST

Http X Xss Protection Header Deprecated

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-79

Last update time: Mar 12, 2026

DAST-SCNRY

DAST

Http Missing Content Security Policy

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-SDLTM

DAST

Http Cookie Missing Httponly

0.5

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-1004

Last update time: Mar 11, 2026

DAST-SEGTF

DAST

Ssl Tls Certificate Issued To Wrong Entity

0.6

Low

Target: SSL

Technology: CERTIFICATE

CWE ID(s):

CWE-297

Last update time: Dec 1, 2025

DAST-SFECO

DAST

Ssl Tls Accepts Cbc Cipher Suites

0.6

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Dec 1, 2025

DAST-SOLRS

DAST

Ssl Tls Server Allows Tlsv1 3 Downgrade

0.6

Low

Target: SSL

Technology: PROTOCOL

CWE ID(s):

CWE-327

Last update time: Dec 1, 2025

DAST-SP3IG

DAST

Http Cookie Missing Secure

0.5

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-614

Last update time: Mar 11, 2026

DAST-TCUTI

DAST

Http Missing Strict Transport Security

1.2

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-319

Last update time: Mar 12, 2026

DAST-TDAKN

DAST

Http Deprecated Block All Mixed Content

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-TDVOE

DAST

Http Unencrypted Viewstate

0.5

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-319

Last update time: Mar 11, 2026

DAST-TE1LB

DAST

Http Include Subdomains Not Enabled

1.3

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-319

Last update time: Mar 12, 2026

DAST-TETNT

DAST

Http Trace Enabled

2.7

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-650

Last update time: Apr 23, 2026

DAST-TFOTP

DAST

Http Cookie Samesite Not Initialized

1.3

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-1275

Last update time: Mar 11, 2026

DAST-TNEAE

DAST

Http Missing Upgrade Insecure Requests

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-TNNKO

DAST

Http Stack Trace Obtainable

1.3

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-209

Last update time: Feb 10, 2026

DAST-TNTER

DAST

Http Missing Script Src Attribute

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-VV6HR

DAST

Http Path Traversal In Url Path

1.3

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-22

Last update time: May 7, 2026