Penetration Test vulnerability in serviceNow

Hafsa1

We had a penetration test in ServiceNow for potential vulnerabilities and were asked to fix the two below.

LUCKY13 — Remediation requires disabling the vulnerable ciphers, as noted in the information above.
• Instead of CBC cipher suites, use AEAD cipher suites such as AES-GCM.
BREACH — Remediation requires changes to the web server's configuration.
• Turning off HTTP compression
• Separating secrets from user input
• Masking secrets (effectively randomizing by XORing with a random secret per request)
• Protecting vulnerable pages with CSRF
• Length hiding (by adding a random number of bytes to the responses)
• Rate-limiting the requests

How to fix these?
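The "masking secrets" bullet under BREACH is the one mitigation that is code rather than server configuration, so here is an added example of it (not from the post and not ServiceNow code): each response carries a fresh random pad XORed with the secret, so the bytes on the wire differ per request and compression can no longer leak the secret one byte at a time; the token format and helper names are my own assumptions.

```python
import base64
import binascii
import hmac
import os


def mask_secret(secret: bytes) -> str:
    """Return pad || (pad XOR secret), base64-encoded, with a new random pad per call.

    Both halves change on every response even though the secret is constant,
    which is the property that defeats BREACH-style compression-oracle guessing.
    """
    pad = os.urandom(len(secret))
    masked = bytes(p ^ s for p, s in zip(pad, secret))
    return base64.urlsafe_b64encode(pad + masked).decode("ascii")


def unmask_secret(token: str) -> bytes:
    """Recover the secret from a masked token; raise ValueError if malformed."""
    try:
        raw = base64.urlsafe_b64decode(token.encode("ascii"))
    except (binascii.Error, UnicodeEncodeError) as exc:
        raise ValueError("malformed masked token") from exc
    if not raw or len(raw) % 2:
        raise ValueError("malformed masked token")
    half = len(raw) // 2
    pad, masked = raw[:half], raw[half:]
    return bytes(p ^ m for p, m in zip(pad, masked))


def verify_submitted_token(submitted: str, session_secret: bytes) -> bool:
    """Server-side check of a token echoed back in a form: unmask, then compare in constant time."""
    try:
        recovered = unmask_secret(submitted)
    except ValueError:
        return False
    return hmac.compare_digest(recovered, session_secret)


if __name__ == "__main__":
    # Constructed sample secret; a real app would use its per-session CSRF secret.
    session_secret = os.urandom(16)
    t1, t2 = mask_secret(session_secret), mask_secret(session_secret)
    print("tokens differ per response:", t1 != t2)
    print("both verify:", verify_submitted_token(t1, session_secret), verify_submitted_token(t2, session_secret))
```

Masking protects only the secret you mask; the other BREACH bullets (disabling HTTP compression, separating secrets from user input) still apply to anything else reflected in compressed responses.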
