We have a .NET Core 5 Web Api hosted in IIS. I understand that under certain conditions (internal to our app), the process will fail to start.
In such cases, we get a detailed error page from IIS that the application failed to start. Security reviews frown on such information being disclosed. There are many controls in place for not showing "detailed error pages" in ASP.NET, are there any similar controls for .NET Core apps hosted in IIS?