Cirrus
NimbostratusIf you think that either a) this signature has been redefined in a way that means it is missing malicious content or b) the signature is not being processed correctly, this probably merits a support call.
Signatures can change from version to version, usually in order to make the signature more accurate.
CirrusHi, Indeed the code is not the same, probably more accurate matching less content and avoiding more false positive, or being covered by another signature.
I finally get a match after many tests, but on a different part on the request.
NimbostratusThat can happen sometimes, where a violation detected on a request will 'shadow' (my term) a violation that occurs later in the request. It's more common in older versions, i.e. in my recent experience ASM does better catching all violations in a request, not just stopping at the first significant issue.
CirrostratusThat can happen sometimes, where a violation detected on a request will 'shadow' (my term) a violation that occurs later in the request. It's more common in older versions, i.e. in my recent experience ASM does better catching all violations in a request, not just stopping at the first significant issue.
CirrusThanks a lot for sharing experience. :D