PCI-DSS 4.0 6.2.2

Bespoke and custom software security

UnveilScan findings mapped to this control

The scanner emits 2 distinct findings on this control. Click "Scan a domain" below to see which of them currently apply to your site, with copy-paste remediation snippets (nginx, Apache, DNS BIND, web-server config).

web.leak.git_config ⏱ 15 min

WEB — Leak.git config

Risk if ignored: Low impact, mostly a maturity signal. Fix when you next touch this area.

operational

Also maps to 1 other control

ANSSI Hygiène R21 — Ne pas exposer les répertoires de gestion de sources

web.leak.git_head ⏱ 2h

WEB — Leak.git head

Risk if ignored: Full source reconstruction possible via `git-dumper` — historical secrets, private algorithms, auth tokens baked into commits all leak.

security legal

Also maps to 2 other controls

ANSSI Hygiène R21 — Ne pas exposer les répertoires de gestion de sources
ISO 27001:2022 A.8.25 — Secure development lifecycle