Number of already implemented protections per WAP. The half-sized value in the brute-force protection category means that this measure is applied only to the PIN-based scheme required for resetting a forgotten user password. The same values in the HTTP response headers category denote that the specific WAP only applies the XFO security header.