Most of the information exposed through the Actuator's endpoints are sensitive. That's why Spring Boot disables endpoints, besides /health and /info, by default. There are several ways to protect these endpoints. In this section, we will explore a few of them.