We recently had a Burp Suite scan done and it found that "BurpSuite Found: 'Strict transport security not enforced' (Type: 16777984)"
To correct the issue, below is what was suggested:-
"The application should instruct web browsers to only access the application using HTTPS. To do this, enable HTTP Strict Transport Security (HSTS) by adding a response header with the name 'Strict-Transport-Security' and the value 'max-age=expireTime', where expireTime is the time in seconds that browsers should remember that the site should only be accessed using HTTPS. Consider adding the 'includeSubDomains' flag if appropriate."
How do I make those changes in Kibana?