Skip to main content

Security Performance Management

Continuous Monitoring

Vendor Risk Management

Trust Management Hub

Cyber Insurance

National Cybersecurity

Bitsight API docs

Bitsight Academy

Sign in
Submit a request

Bitsight Knowledge Base
Methodologies
Web Application Security Tests

Web Application Security Tests

How Web Application Security findings are assessed.

Cross-Site Request Forgery (CSRF) Mitigations Present
Remediating CMS Administration Portal Exposed
Determining if a HSTS Preload Directive is Present and its effect on the WAS Risk Vector
Mixed Content Security Test and Remediation Tips
Remediating Session Token in URL Issues
Remediating Secure Cookie on Insecure Channel Findings
Remediating HTTPS to HTTP Redirects
Remediating Over-Permissive CORS Whitelist Findings
Remediating CORS Violations
Remediating Directory Listing Exposure Findings
Remediating Reverse Tabnabbing
Remediating Internal Server Errors
Remediating Content Security Policy Violations
Remediating Content Security Policy Configuration Findings
Remediating Cross-Domain Subresource Integrity Failures
Remediating Cross-Domain Subresource Integrity (SRI) Checks
Web Application Security Assessment: Cross-Site Scripting
Web Application Security Assessment: Components with Known Vulnerabilities
Web Application Security Assessment: Broken Authentication and Access Control
Web Application Security Assessment: Sensitive Data Exposure
Web Application Security Assessment: Security Misconfiguration

Contents © 2025 BitSight Technologies, Inc. ("Bitsight")

Privacy Policy | Disclaimer | Terms and Conditions | Contact Bitsight | Bitsight Academy | Bitsight Support