Impact of Cloud Security Scanner on Logs

Traces of the scan will appear in your log files. For example, Cloud Security Scanner generates requests for unusual strings like ~sfi9876 and /sfi9876. This is so it can examine your application's error pages. These intentionally invalid page requests will appear in your logs.

Interpret scan results

The scanner tests and reports the following issues:

Detector Detection condition
XSS CALLBACK The Chrome webtools debugger was successfully called via an XSS in the application under test.
XSS ERROR The Chrome javascript parser detected a syntax error caused by the test request.
XSS FLASH INJECTION The application produced a JSONP response where the user can influence the beginning of the response.
MIXED CONTENT Chrome has performed a request to an HTTP script or CSS while in an HTTPS page.
OUTDATED LIBRARY The version of a JS library in use has a known security issue. Note: the issue was not exploited.
CLEAR_TEXT_PASSWORD The application includes a clear text password.

For more information see Result details.

Was this page helpful? Let us know how we did:

Send feedback about...

Cloud Security Scanner Documentation