Forum Discussion
Erik_Novak
Oct 06, 2016Employee
Having QA run valid traffic is a great way to start. So the script example might be tricky. ASM is sophisticated enough that the simple presence of your example in some random request might not trigger an attack signature at all. A good plan of action might be to watch those attack signatures which are triggered, and then take a good look at what caused the violation. If script and open/end tags are allowed as input for a form parameter, then you could disable that signature on that parameter, for example. Any policies you create can be exported to another licensed ASM unit or applied to virtual servers. Attack signatures start out in staging, so you should be able to run traffic without affecting traffic.