Data protection

Application Load Balancer is not configured with defensive or strictest desync mitigation mode

Platform(s)

Description

HTTP desync mitigation mode is a feature that helps protect your application against HTTP desync attacks, which can cause security vulnerabilities in web applications. The load balancer classifies each request based on its threat level, allows safe requests, and then mitigates risk according to the mitigation mode that you specify. The desync mitigation modes are monitor, defensive, and strictest. Application Load Balancers configured with defensive or strictest desync mitigation mode protect your application from security issues that may be caused by HTTP desync.

It was detected that Application Load Balancer {AwsEc2Elbv2} is not configured with defensive or strictest desync mitigation mode. Use either the 'strictest' or 'defensive' mode for HTTP desync mitigation in Application Load Balancers to provide a higher level of protection against HTTP desync attacks.
Recommended Mitigation

It is recommended to configure your Application Load Balancer with defensive or strictest desync mitigation mode.
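The check and the mitigation described above, as an added example that is not part of the original rule text: it reads the `routing.http.desync_mitigation_mode` load balancer attribute through boto3, flags any Application Load Balancer not set to defensive or strictest, and can set a compliant mode. The function names, the sample ARNs and the choice to report a missing attribute as non-compliant are assumptions of this example.

```python
# Added example: audit and fix the ALB desync mitigation attribute.
DESYNC_KEY = "routing.http.desync_mitigation_mode"  # ELBv2 load balancer attribute
COMPLIANT_MODES = {"defensive", "strictest"}


def desync_mode(attributes):
    """Read the mode from a DescribeLoadBalancerAttributes 'Attributes' list."""
    for attr in attributes:
        if attr.get("Key") == DESYNC_KEY:
            return attr.get("Value")
    return None  # attribute missing: reported as non-compliant (assumption)


def find_noncompliant(albs):
    """albs maps ARN -> attribute list; returns {arn: mode} for failing ALBs."""
    modes = {arn: desync_mode(attrs) for arn, attrs in albs.items()}
    return {arn: m for arn, m in modes.items() if m not in COMPLIANT_MODES}


def collect_alb_attributes(region):
    """Fetch attributes of every ALB in a region (needs boto3 and credentials)."""
    import boto3  # lazy import so the checks above run offline
    elbv2 = boto3.client("elbv2", region_name=region)
    albs = {}
    for page in elbv2.get_paginator("describe_load_balancers").paginate():
        for lb in page["LoadBalancers"]:
            if lb["Type"] != "application":
                continue  # the attribute applies to Application Load Balancers
            arn = lb["LoadBalancerArn"]
            resp = elbv2.describe_load_balancer_attributes(LoadBalancerArn=arn)
            albs[arn] = resp["Attributes"]
    return albs


def set_desync_mode(region, arn, mode="defensive"):
    """Apply the recommended mitigation to one load balancer."""
    if mode not in COMPLIANT_MODES:
        raise ValueError("mode must be 'defensive' or 'strictest'")
    import boto3
    boto3.client("elbv2", region_name=region).modify_load_balancer_attributes(
        LoadBalancerArn=arn, Attributes=[{"Key": DESYNC_KEY, "Value": mode}])


# Constructed sample data (made-up ARNs), shaped like the API response.
ARN = "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/app/"
SAMPLE = {ARN + "web/aaaa": [{"Key": DESYNC_KEY, "Value": "monitor"}],
          ARN + "api/bbbb": [{"Key": DESYNC_KEY, "Value": "strictest"}],
          ARN + "old/cccc": [{"Key": "deletion_protection.enabled", "Value": "false"}]}

if __name__ == "__main__":
    print(find_noncompliant(SAMPLE))
```

Against a live account, pass the result of `collect_alb_attributes(region)` to `find_noncompliant`, then call `set_desync_mode` for each ARN it returns.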