logo

Database

Security

Rules

Security Rules define automated logic and checks across code, cloud, applications, and binaries. They provide a structured approach to identifying vulnerabilities, strengthening secure development practices, and aligning with compliance and risk-management standards.

Total rules

34

Targets covered

1

Mapped standards

16

Technique DAST

DAST-2AXE3

DAST

Http X Aspnet Version Info Leak

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-2OET2

DAST

Http X Frame Options Bypass Possible

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-693

Last update time: Mar 12, 2026

DAST-3OT4O

DAST

Http Host Serves Jsonp Security Risk

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-5EAMP

DAST

Http X Aspnet Mvc Version Leak

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-AEEEX

DAST

Http X Backend Server Info Leak

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-AUIFM

DAST

Http Vulnerable Library From Cdn

0.6

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-1395

Last update time: Mar 11, 2026

DAST-CI0CP

DAST

Http Unsafe Inline In Script Src

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-DETS7

DAST

Http X Permitted Cross Domain Unsafe

1.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-942

Last update time: Mar 12, 2026

DAST-DFE3R

DAST

Http Unsafe Wildcard In Directive

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-DR3AC

DAST

Http Server Header Leaks Technical Info

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-E35OD

DAST

Http X Powered By Info Leak

2.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-497

Last update time: Mar 12, 2026

DAST-FNEFD

DAST

Http X Content Type Not Nosniff

1.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-173

Last update time: Mar 12, 2026

DAST-HH10S

DAST

Http Basic Auth Over Http

1.3

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-319

Last update time: Mar 11, 2026

DAST-HHHHA

DAST

Http Strict Transport Low Max Age

1.2

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-319

Last update time: Mar 12, 2026

DAST-HSRST

DAST

Http Missing Frame Ancestors Header

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-NNPES

DAST

Http Missing X Content Type Options

1.7

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-173

Last update time: Mar 12, 2026

DAST-OEAHP

DAST

Http Host Header Injection Redirection

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-601

Last update time: Dec 1, 2025

DAST-OIOTA

DAST

Http Missing Referrer Policy Header

0.4

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-523

Last update time: Mar 11, 2026

DAST-PAPH0

DAST

Http Permissions Policy Header Missing

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-276

Last update time: Mar 12, 2026

DAST-PIEPF

DAST

Http Weak Referrer Policy Value

0.4

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-523

Last update time: Mar 11, 2026

DAST-RSRTI

DAST

Http Third Party Resource Without Sri

0.6

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-354

Last update time: Mar 11, 2026

DAST-RTOIH

DAST

Http Missing Object Src Attribute

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-RTRHR

DAST

Http X Xss Protection Header Deprecated

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-79

Last update time: Mar 12, 2026

DAST-SCNRY

DAST

Http Missing Content Security Policy

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-SDLTM

DAST

Http Cookie Missing Httponly

0.5

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-1004

Last update time: Mar 11, 2026

DAST-SP3IG

DAST

Http Cookie Missing Secure

0.5

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-614

Last update time: Mar 11, 2026

DAST-TCUTI

DAST

Http Missing Strict Transport Security

1.2

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-319

Last update time: Mar 12, 2026

DAST-TDAKN

DAST

Http Deprecated Block All Mixed Content

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-TDVOE

DAST

Http Unencrypted Viewstate

0.5

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-319

Last update time: Mar 11, 2026

DAST-TE1LB

DAST

Http Include Subdomains Not Enabled

1.3

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-319

Last update time: Mar 12, 2026

DAST-TFOTP

DAST

Http Cookie Samesite Not Initialized

1.3

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-1275

Last update time: Mar 11, 2026

DAST-TNEAE

DAST

Http Missing Upgrade Insecure Requests

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026

DAST-TNNKO

DAST

Http Stack Trace Obtainable

1.3

Low

Target: HTTP

Technology: CONTENT

CWE ID(s):

CWE-209

Last update time: Feb 10, 2026

DAST-TNTER

DAST

Http Missing Script Src Attribute

0.6

Low

Target: HTTP

Technology: HEADERS

CWE ID(s):

CWE-079

Last update time: Mar 12, 2026