I am currently working with Nessus Automation using API. I prefer to use CURL for the requirement. I see that everytime to get data from Nessus, I need to use token (session id). If I send this token with GET method, won't it lead to Session hijacking? What could be the solution to avoid such a problem and have a proper security?
↧
