Forum Discussion
samstep
Sep 04, 2015Cirrocumulus
Yes, ASM is capable of this functionality using Policy Export/Import function if you choose XML Export/Import.
AskF5 Knowledgebase solution SOL12619 has the schema information.
https://support.f5.com/kb/en-us/solutions/public/12000/600/sol12619.html
In addition to this ASM is capable of importing vulnerability scanner reports XML files and create security policy automatically mitigating the vulnerabilities.
ASM support XML reports produced by WhiteHat, Cenzic (now TrustWave), HP WebInspect and IBM AppScan. Additionally there is a "Generic Scanner" schema you can use - described in ASM manual here:
https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-getting-started-11-5-0/4.htm
Hope this helps,
Sam