2. Secure - The Secure cookie flag prevents cookies from being sent over unencrypted channels (e.g. HTTP rather than HTTPS).
Recommendation: Our IT recommends that adopting a development policy that includes always setting cookies with the HTTPOnly and Secure flags. For more information, see the following: