Rajit_171155
Sep 22, 2014Nimbostratus
Best practices for attack signature update/maintenance on ASM
We are looking for suggestions regarding best practices for attack signature update/maintenance on ASM in an university environment. We would like to have inputs for the following questions
- How often the attack signatures should be updated
- Is it a best practice to move updated attack signatures from blocking to staging state or to leave the signatures in blocking state while applying the updates
- We have similar policies on ASM for QA and prod environment. Could we first apply the attack signature updates to only QA environment policy and test before pushing the updates to production environment.