Security vulnerabilities for

1 Reply 1400 Views

Hi there,


I'm a new customer to AGL and started using your


I decided to run a scan on your security headers to the application and noticed no configuration has been setup for your security headers. 

After running both va



They both return an F in the summary report which includes the following

- Strict-transport-security

- Content-Security-Policy

- X-Frame-Options

- X-Content-Type-Options

- Referrer-Policy

- Permissions-Policy 

As a customer, more concerned about the risk of using your service. 

AGL Community Manager
0 Replies 1370 Views

Hi @c_Jerochim 


We've reviewed the findings of the report you've shared: The reason you're seeing these results is that 3rd party tools like the one you've used here are actually blocked from accessing details about our pages because of a security tool we use internally.


Our technical teams are aware of the headers you've mentioned and these are implemented as is appropriate to ensure security. We also perform regular penetration testing to assess vulnerabilities like these.


Thanks for taking an interest in our digital security - it's something we take very seriously.