HTTP Strict Transport Security (HSTS).
HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standard track protocol and is specified in RFC 6797.
Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.
Run our automated penetration testing and vulnerability assessment to protect your web application from hackers.
The web/application server is leaking information via one or more “X-Powered-By” HTTP response headers.
The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets.