Forum Discussion
If you think that either a) this signature has been redefined in a way that means it is missing malicious content or b) the signature is not being processed correctly, this probably merits a support call.
Signatures can change from version to version, usually in order to make the signature more accurate.
- AurelFeb 18, 2019Cirrus
Hi, Indeed the code is not the same, probably more accurate matching less content and avoiding more false positive, or being covered by another signature.
I finally get a match after many tests, but on a different part on the request.
- rob_carr_76748Feb 18, 2019Nimbostratus
That can happen sometimes, where a violation detected on a request will 'shadow' (my term) a violation that occurs later in the request. It's more common in older versions, i.e. in my recent experience ASM does better catching all violations in a request, not just stopping at the first significant issue.
- rob_carrFeb 18, 2019Cirrostratus
That can happen sometimes, where a violation detected on a request will 'shadow' (my term) a violation that occurs later in the request. It's more common in older versions, i.e. in my recent experience ASM does better catching all violations in a request, not just stopping at the first significant issue.
- AurelFeb 18, 2019Cirrus
Thanks a lot for sharing experience. :D