BREACH Attack
BREACH stands for ‘Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext’. BREACH is a group of vulnerabilities of the same type, rather than a specific instance that impacts a particular piece of software. BREACH Attack detection is a security check that checks multiple criteria. BREACH Attack detection checks protected connections in which attackers can still view the victim’s encrypted traffic.
There are no additional settings available for the BREACH Attack Detection.
The BREACH Attack Security Check is enabled by default.
For further information, see Scan Policy Fields and Security Checks.
How to Disable the BREACH Attack Security Check in Invicti Enterprise
- Log in to Invicti Enterprise.
- From the main menu, click Policies, then New Scan Policy.
- Click the Security Checks tab.
- Deselect the BREACH Attack checkbox.
- Click Save.
How to Disable the BREACH Attack Security Check in Invicti Standard
- Open Invicti Standard.
- From the Home tab, click the Scan Policy Editor. The Scan Policy Editor dialog is displayed.
- Deselect the BREACH Attack checkbox.
- Click OK.