Upon running the DAST Scan on POC environment we are receiving the following vulnerability: -
"Missing Secure Attribute in Encrypted Session (SSL) Cookie"
Release : 16.0.2
a) Log into CSA/NSA
b) Click on the Server
c) Click on the Application Tab
d) There is an option for "Use Secure Session Cookie"
e) Enable the above option
Note: On a same page Under Application Instance: NSA There is an option for "Use Secure Session Cookie"
f) Enable that option also
g) Restart the Clarity Services
h) Run DAST Scan
You can perform the above steps in lower environment and then proceed to Prod.