To fix the Secure-Flag vulnerability in our application using SSL with the system parameter

• A new header needs to be added from the "HTTP Response Headers" field under "Default Web Site" in IIS.

• Name =Strict-Transport-Security , Value= max-age=31536000