PCI-DSS 4.0 3.5.1

Protect cryptographic keys

UnveilScan findings mapped to this control

The scanner emits 1 distinct finding on this control. Click "Scan a domain" below to see which of them currently apply to your site, with copy-paste remediation snippets (nginx, Apache, DNS BIND, web-server config).

web.api.actuator_heapdump ⏱ 30 min

WEB — Api.actuator heapdump

Risk if ignored: A heapdump contains every live secret in memory — JWT signing keys, DB passwords, tokens. Rotate everything if this was reachable.

security

Also maps to 1 other control

ANSSI Hygiène R19 — Pas d'actuator/heapdump public