Vulnerabilities "Server Information Disclosure" and "Missing Secure Attribute"

Hello Ranbir, it sounds like those two vulnerabilities were revealed in the output from a web application vulnerability scanner. A quick way to see if they're easily resolved is to create a security policy in ASM using the "third party vulnerability scanner" output option when you start the deployment wizard. Import the XML-based vulnerability output file into ASM, and then locate those two vulnerabilities in the list. It is possible that ASM will mark them as "resolvable" and you might be able to simply select each one in the GUI and then click "resolve" or "resolve and stage." At that point, you could run the scan again, and any vulnerabilities resolved by ASM should no longer appear.