
💼 [ELB.12] Application Load Balancer should be configured with defensive or strictest desync mitigation mode

  • ID: /frameworks/aws-fsbp-v1.0.0/elb/12

Description

HTTP Desync issues can lead to request smuggling and make applications vulnerable to request queue or cache poisoning. In turn, these vulnerabilities can lead to credential stuffing or execution of unauthorized commands. Application Load Balancers configured with defensive or strictest desync mitigation mode protect your application from security issues that may be caused by HTTP Desync.

Similar

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags | Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(21) Information Flow Enforcement _ Physical or Logical Separation of Information Flows | 3748 | no data
💼 NIST SP 800-53 Revision 5 → 💼 CA-9(1) Internal System Connections _ Compliance Checks | 25 | no data
💼 NIST SP 800-53 Revision 5 → 💼 CM-2 Baseline Configuration | 729 | no data
💼 PCI DSS v4.0.1 → 💼 6.2.4 Software engineering techniques or other methods are defined and in use by software development personnel to prevent or mitigate common software attacks and related vulnerabilities in bespoke and custom software. | 1 | no data

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags | Compliance