Advanced Threat Analytics Query

-FangWolf- 1 Reputation point
2021-09-14T06:51:44.153+00:00

Hi all,

In my environment, Tenable Nessus Scanner had flagged out the "HSTS Missing From HTTPS Server (RFC 6797)" vulnerability for Microsoft Advanced Threat Analytics ver 1.9.3

I checked the Windows OS installed with ATA, but there is no IIS installed by ATA and am stuck at how to resolve this flagged vulnerability.
Would like to check if anyone else encountered the same flagged vulnerability and did u manage to resolve it? (How?)
Also tried checking for links which may indicate the flagged vulnerability for ATA as a "false positive" but to no avail.

Thanks!

Microsoft Configuration Manager
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Eli Ofek 106 Reputation points
    2021-09-14T13:39:23.287+00:00

    Hi,

    HSTS header is planned to be added to ATA with 1.9 Update 4 planned for later this year.
    There is no way for you to manually add it, as this is a self host web server.

    Thanks,

    Eli

    1 person found this answer helpful.
    0 comments No comments