Currently target cookies are not with secure flag. How can we ensure that cookies are secure?
Target cookies on the website does not store user credentials or target account information, so we believe user impersonation or compromise of target account is not at risk. Target cookies just store the visitor information on the page to be able to display target activities and store website visitor profile to Target servers.
Adobe do annual security pen tests on our products via thirdparty and we are not aware of any open vulnerabilities/exploits related to our cookies. If you wishes to do security testing, your security team certainly can and share the vulnerabilities found, if any.