Skip to content

Protocol: Insecure Technology Used¶

Identifier: insecure_technology_used

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Inherently insecure technologies — cleartext protocols such as FTP or Telnet, or services known to lack confidentiality and integrity guarantees — should not be exposed on untrusted networks.

How we test: When the technology fingerprinting step identifies a known-insecure protocol or product on a host, we report it so it can be replaced (e.g. FTP → SFTP, Telnet → SSH) or restricted to a trusted network.

Configuration¶

Example¶

Example configuration:

---
security_tests:
  insecure_technology_used:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.