If all of your traffic uses HTTPS, specify true. This option sets the Secure flag on all security product cookies, which are then only included with HTTPS traffic. It also adds SameSite=None to most bot management cookies, ensuring that recent browser versions submit the cookies with protected requests. The SameSite=None cookie setting is necessary for site architectures that involve cross-domain form submission or inclusion of cross-domain iframes.